RE: [squid-users] wccp working config example

From: Jorge Bastos <mysql.jorge_at_decimal.pt>
Date: Thu, 11 Sep 2008 11:15:55 +0100

Olá Nuno :P

As a transparent proxy it apply's the ACL, I have it working for example to
block MSN using an ACL, and other stuff.
In fact I never used squid in other way than as a transparent proxy and it
always worked.

> -----Original Message-----
> From: Nuno Silva [mailto:nsilva_at_acss.min-saude.pt]
> Sent: quinta-feira, 11 de Setembro de 2008 8:43
> To: Amos Jeffries
> Cc: Dan Letkeman; squid-users
> Subject: RE: [squid-users] wccp working config example
>
> Another question...should i see the requests from users in the
> access.log? (because I'm not)
> I'm trying to filter the requests by category (no porn, no gambling, no
> streaming....and so on), mas it seems that if I use the Squid as
> transparent proxy it doesn't apply the ACL's in squid.conf (but if I
> use
> the squid as my proxy, it works)
>
>
> Best regards,
> Nuno Silva
>
>
> -----Mensagem original-----
> De: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
> Enviada: quarta-feira, 10 de Setembro de 2008 15:26
> Para: Nuno Silva
> Cc: Dan Letkeman; squid-users
> Assunto: Re: [squid-users] wccp working config example
>
> Nuno Silva wrote:
> > Amos.
> >
> > Thank you very much, it started working, i was missing the 'iptables
> -t
> > nat -A POSTROUTING -j MASQUERADE'... what is the purpose of that?
>
> Normally to NAT traffic coming in you have to NAT the responses back to
> the right places, but it gets tricky very quickly so someone created
> MASQUERADE to unwind all NAT bindings automatically on response
> packets.
>
> I'm not sure about speed, but its easy to configure.
>
> >
> > And regarding the output of iptables -t filter -L *:
> >
> > iptables: No chain/target/match by that name
> >
> > Should the output be other?
>
> Weird, I'd expect a list same as for the -t nat you gave earlier, but
> never mind. I thought maybe there was a forwarding rule or policy
> blocking things. Since MASQUERADE fixed it, we don't need to look any
> further.
>
> >
> > Best regards and many many many many many many many thanks!
> > Nuno Silva
> >
>
> Welcome.
>
> Amos
> --
> Please use Squid 2.7.STABLE4 or 3.0.STABLE8
>
>
> No virus found in this incoming message.
> Checked by AVG - http://www.avg.com
> Version: 8.0.169 / Virus Database: 270.6.19/1663 - Release Date:
> 10-09-2008 6:00
Received on Thu Sep 11 2008 - 10:16:00 MDT

This archive was generated by hypermail 2.2.0 : Thu Sep 11 2008 - 12:00:05 MDT