Squid 3.0 Transparent Proxy Configuration Issue

General discussion about Linux, Linux distribution, using Linux etc.
Post Reply
rmuhammadali
Cadet
Posts: 5
Joined: Wed Oct 07, 2009 1:17 pm
Location: Faislabad - Pakistan

Squid 3.0 Transparent Proxy Configuration Issue

Post by rmuhammadali »

Dear All,
Here is my squid.conf configuration file. when i use it as transparent then the error occurs as page cannot be displayerd

acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 192.168.4.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access deny all
icp_access allow localnet
icp_access deny all
htcp_access allow localnet
htcp_access deny all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
access_log /usr/local/squid/var/logs/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname cent.localdomain.local
icp_port 3130
coredump_dir /usr/local/squid/var/cache


Please help, waiting for response.

Regards RMA
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Post by lambda »

does the error occur if they go to the ip address as well? or just websites?

try

http://202.59.80.52/

what do you see?

can the clients do dns resolution properly?

please use something other than internet explorer for testing -- something that shows you the real error.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
rmuhammadali
Cadet
Posts: 5
Joined: Wed Oct 07, 2009 1:17 pm
Location: Faislabad - Pakistan

Post by rmuhammadali »

Yes Dear,
the problem is same as you mentioned. dns resolution problem occurs.

Regards
RMA
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Post by lambda »

configure the client systems with a valid dns server. if nothing else, use this dns server: 8.8.8.8.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Kamran.Ahmed
Lance Naik
Posts: 45
Joined: Wed Dec 16, 2009 5:57 pm
Location: Karachi

Post by Kamran.Ahmed »

one more could be use 4.2.2.2
Kamran Ahmed Khan
kamran.cisco@gmail.com
Registered Linux User # 526139
www.allaboutlinux.org
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Post by lambda »

sure, if you trust verizon with your data.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Post Reply