Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
07-27-2012, 08:21 AM
|
#1
|
Member
Registered: Sep 2011
Posts: 95
Rep:
|
how to bypass squid proxy to particular client
Hi All,
I have configured squid transparent proxy(squid3-3.1.19) server on ubuntu 12.04 and everything is working fine.
By default all LAN user's port 80 request is redirecting to squid port 3128. But I don't want to redirect one of the client(172.16.0.*/16)'s port 80 request to 3128 and server should be working as only router to only that particular machine(172.16.0.*/16) and also there won't be any squid logs for this particular IP, which means I want to send port 80 request or all port requests that are coming from 172.16.0.*/16 to internet directly.
So is it possible to achieve this either using iptables rules or squid ACLs.
Thanks in advanse for your kind help.
|
|
|
07-27-2012, 08:43 AM
|
#2
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
well clearly you can't bypass squid with squid config, but yes you can certainly change the redirection rule to exclude that IP, just add "-s ! 172.16.12.34" to the entry.
I wouldn't generally suggest that you shoudln't bypass squid though, but give it special rules within squid with an ACL.
|
|
2 members found this post helpful.
|
07-27-2012, 10:52 AM
|
#3
|
Member
Registered: Sep 2011
Posts: 95
Original Poster
Rep:
|
Thanks acid_kewpie
Quote:
just add "-s ! 172.16.12.34" to the entry.
|
Could please mention where I have to add this entry i.e
Code:
FORWARD chain?
or
nat table?
I request you to post the full command.
|
|
|
07-27-2012, 02:07 PM
|
#4
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
well it's the nat table your redirect to port 3128 is on isn't it?
|
|
1 members found this post helpful.
|
07-27-2012, 10:52 PM
|
#5
|
Member
Registered: Sep 2011
Posts: 95
Original Poster
Rep:
|
Quote:
Originally Posted by acid_kewpie
well it's the nat table your redirect to port 3128 is on isn't it?
|
Yes acid_kewpie, it is on, how can I prevent by redirecting port 80 request from 172.16.0.128/16 machine to squid port 3128.
I request you to post the command.
Code:
172.16.0.128/16 --->port 80 request--->should directly goes to internet.
not like below
172.16.0.128/16 --->port 80 request--->squid port 3128--->internet
|
|
|
07-30-2012, 12:56 AM
|
#6
|
Member
Registered: Sep 2011
Posts: 95
Original Poster
Rep:
|
May I get your kind help for the above?
|
|
|
07-30-2012, 03:00 AM
|
#7
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
you already have a redirect rule, just add the bit I gave you on to it.
|
|
|
All times are GMT -5. The time now is 10:17 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|