I'm sorry
i forget dport in ipchains and also some web sites use ports 8080:8081 8100:8104
try:
ipchains -A INPUT -i lo -j ACCEPT (because OUTPUT chain already policy ACCEPT)
and remove
ipchains -A input -j ACCEPT -s localhost -d localhost
change:
ipchains -A input -p tcp -d 0/0 80 -j REDIRECT 3128 (add input interface and add -s $IPNET/$MASK )
such as
ipchains -A INPUT -i $IFACE -s $INET/$MASK -d 0.0.0.0/0 -j REDIRECT 3128
and check your kernel support ipportfw
19.04.2002 8:48:41, Payal <rpayal@indiainfo.com> wrote:
>Hello,
>I am using squid 2.4 stable4 and ipchains 1.3.10.
>I prefer to use for the time being ipchains instead of iptables. Now squid is running properly. I
can see access.log files getting updated. i use a banner redirector which also works, so squid
does work properly. No doubt about it. Now I don't want to configure each browser. So, I want all
http requests to redirect to squid. So, I do simple setup like,
>
>ipchains -A input -p tcp -d 0/0 80 -j REDIRECT 3128
>#ipchains -L
>Chain input (policy ACCEPT):
>target prot opt source destination ports
>ACCEPT all ------ localhost.localdomain localhost.localdomain n/a
>REDIRECT tcp ------ anywhere anywhere any -> http => squid
>Chain forward (policy ACCEPT):
>Chain output (policy ACCEPT):
>Still, I cannot get this whole thing to work. I can see [ from access.log ] that a browser which
is not configured to use squid does not use squid at all.
>Please tell me what is missing?
>Thanks a lot for the time in advance and bye.
>-Payal
>
Received on Thu Apr 18 2002 - 22:29:10 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:36 MST