Shorewall and squid transparent proxy problem

Diego Xirinachs dxiri343 at gmail.com
Mon Apr 4 23:07:51 UTC 2011


Hi all, speaking of gateways and shorewall, I bumped into a problem today
with it. I have a 10.04 LTS server set up at a small office running shorewall
and squid. Clients are configured MANUALLY to use the proxy server, but now
I want to make this proxy transparent and let shorewall redirect the proxy
requests because I need to set up a VPN and the Cisco VPN client doesn't have
an option to manually input a proxy.

So I went ahead and configured my squid to be transparent and shorewall to
redirect the traffic to it. The only thing is, it doesn't work. If I remove the
proxy address from a client to test it, I get the following error (I use
the Chromium browser):

Error 137 (net::ERR_NAME_RESOLUTION_FAILED): Unknown error.

My /etc/shorewall/rules is set up with these ACCEPT and REDIRECT rules:

#ACTION   SOURCE     DEST     PROTO    DEST PORT(S)     SOURCE     ORIGINAL
#                                                       PORT(S)    DEST
REDIRECT  loc        3128     tcp      www              -

ACCEPT    $FW        net      tcp      www


I have also tried putting the ACCEPT rule first but it didn't work either.
Squid is installed on this same system and listening on port 3128.

In my squid.conf I'm pretty sure the ACLs are configured properly and I also
have this line:

always_direct allow localhost

That tells Squid to always send traffic from the firewall directly to the
internet.

If you need any more info please don't hesitate to ask. I'm really out of
ideas on this one; I think everything is set up correctly and have no idea why
it doesn't work.

Thanks in advance
-- 
X1R1