[ILUG] either transparent proxy or iptables problem.
Francis Daly
francisdaly at gmail.com
Sat Jan 5 02:46:43 GMT 2008
On 05/01/2008, Darragh <lists at digitaldarragh.com> wrote:
Hi there,
> I'm finally getting somewhere!
Good news!
> To be more specific, I can connect to the internet if I configure the
> client to use the proxy 192.168.2.5:3128
That's good. A configured proxy works, so at least that much of the
squid side is right.
> but using iptables, it says
> something about the http request is malformed.
My first guess is that squid isn't confiugred to be a transparent proxy.
But that message also means that the http request did get to your
squid, which indicates that at least a part of the network side of the
"transparent" feature is right too.
> any suggestions as to how I can determine exactly what it's finding fault
> with? could it be because of something that's getting changed in the
> header as it's passing through the routing?
>
> The page I am shown when connecting to google.com while the transparent
> proxy seems to be reached is:
This bit here is the difference:
> GET / HTTP/1.1
<snip>
> Host: www.google.com
When the client knows it is using a proxy, the GET line is the full
http://www.google.com/ url. When it knows it isn't, the GET line is
just the local part, in this case /.
That squid fails on this request suggests that it is not correctly
configured for transparent proxying.
I see you are using 2.6.STABLE14.
On my 2.6.STABLE5, I changed the line
http_port 3128
to
http_port 3128 transparent
and did "squid -k reconfigure", and then
nc localhost 3128 <<X
GET / HTTP/1.0
Host: www.linux.ie
X
started succeeding (where previously it had failed in the same way
that yours does).
What is http_port set to in your squid.conf?
Good luck,
f
More information about the ILUG
mailing list