[Gllug] Squid

Jackson, Harry HJackson at colt-telecom.com
Mon Jun 24 13:52:05 UTC 2002 


> -----Original Message-----
> From: John Hearns [mailto:john.hearns at cern.ch]
> 
> The lazy persons way of doing this would be to configure your browser
> so that it doesn't proxy accesses to the local address (I think).
> But of course you may be wanting to test squid, in qhich case
> I am talking twaddle.
> 
> Remember that the chief virtues of a programmer and laziness 
> and hubris.

Having just finished reading the "basic TCP/IP Howto's" I think that there
are a couple of ways to do it at least in theory maybe not in practice. 

1. I can use iptables to redirect the request to "192.168.10.1:80" to
"127.0.0.1:80" by putting the line before the one that redirects to squids
3128 port. I am unable to redirect it back to 192.168.10.1 or we could end
up in a bit of a loop.
2. I can get squid to send local IP address requests to the local box.
3. Uninstall squid and iptables and say "fsck it!".

The problem! I have tried number 1 am unsure if 2 is viable and am not mad
enough to try 3 and go online. Hence the reason for my post. I have RTFM as
well as the "Basic TCP/IP Howto's"

The offending rule that sends to squid is. 

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 3128

I want to put a rule before this that will redirect to the local port. What
I would like to know is this the correct way to go about it and is it
possible. It seems logical enough to me I just havn't got it working yet.

Harry







*************************************************************************************
COLT Telecommunications
Registered in England No. 2452736
Registered Office: Bishopsgate Court, 4 Norton Folgate, London E1 6DQ
Tel. +44 20 7390 3900

This message is subject to and does not create or vary any contractual
relationship between COLT Telecommunications, its subsidiaries or 
affiliates ("COLT") and you. Internet communications are not secure
and therefore COLT does not accept legal responsibility for the
contents of this message.  Any view or opinions expressed are those of
the author. The message is intended for the addressee only and its
contents and any attached files are strictly confidential. If you have
received it in error, please telephone the number above. Thank you.
*************************************************************************************

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20020624/b9ba8194/attachment.html>

More information about the GLLUG mailing list