Invisible squid proxy

Discuss Applications
Post Reply
X11
guru
guru
Posts: 676
Joined: Sun Jan 19, 2003 11:09 pm
Location: Australia
Contact:

Invisible squid proxy

Post by X11 »

Hello,

I want to configure my squid proxy to work on port 80 with all incoming traffic. My router runs Trustix Secure Linux and uses shorewall. So basically I want all requests for port 80 to go through the squid proxy server.

I have configured it with your adzapper script as well void.

Thanks in advance,
John

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

You want to search for "transparent proxy using squid". I believe there are plenty of instructions at the squid-cache site. Basically you just use iptables to redirect port 80 to the squid port and make 1 or 2 config changes. I don't believe you can use authentication if you are using a transparent proxy (or I would have mine set up that way).

X11
guru
guru
Posts: 676
Joined: Sun Jan 19, 2003 11:09 pm
Location: Australia
Contact:

Post by X11 »

Well I am having troubles getting the barsted to run at all...
root@minamoto /etc/squid# service squid start
Starting squid: [ OK ]
root@minamoto /etc/squid# ps aux | grep squid
root 13685 0.0 1.0 1444 460 pts/2 S 03:06 0:00 grep squid

X11
guru
guru
Posts: 676
Joined: Sun Jan 19, 2003 11:09 pm
Location: Australia
Contact:

Post by X11 »


User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

It would be a lot easier to see the errors in your log(s) indicating why it isn't starting. See /var/log/messages and /var/log/squid/*

X11
guru
guru
Posts: 676
Joined: Sun Jan 19, 2003 11:09 pm
Location: Australia
Contact:

Post by X11 »

May 12 06:45:40 minamoto squid: Starting squid: succeeded
May 12 06:45:41 minamoto (squid): The redirector helpers are crashing too rapidly, need help!

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Heh heh, I've never seen that error. I have always been able to just "service squid start" with a default configuration file and it starts right up. Then I make one change at a time until I break it and then back off one step and figure out what I did wrong. :)

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Actually I just got a chance to read this again and it would appear it is related to a problem with the redirect script (adzap). I would take that out and see if Squid starts. Can you run the redirect script on the command line without it crashing? Is the path to it right in the squid.conf? Are the permissions set so the squid user has access to it?

X11
guru
guru
Posts: 676
Joined: Sun Jan 19, 2003 11:09 pm
Location: Australia
Contact:

Post by X11 »

Rightio, I changed the permissions of the adzapper script and its now working like a charm.

X11
guru
guru
Posts: 676
Joined: Sun Jan 19, 2003 11:09 pm
Location: Australia
Contact:

Post by X11 »

Code: Select all

While trying to retrieve the URL: /

The following error was encountered:

    * Invalid URL 

Some aspect of the requested URL is incorrect. Possible problems:

    * Missing or incorrect access protocol (should be `http://'' or similar)
    * Missing hostname
    * Illegal double-escape in the URL-Path
    * Illegal character in hostname; underscores are not allowed 

Your cache administrator is webmaster. 
I got the redirect running but all pages would just show up with that error. I followed this guide: http://www.shorewall.net/Shorewall_Squid_Usage.html

And I simply added these rules to my /etc/shorewall/rules

Code: Select all

# Squid redirector.
REDIRECT       loc             3128            tcp     www
ACCEPT         fw              net             tcp     www

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

So I am confused. Is it working now or is it not working now? The above post appears to me that you added the shorewall rules and it solved your problem, but it could also read that it didn't solve your problem. I am confused.

X11
guru
guru
Posts: 676
Joined: Sun Jan 19, 2003 11:09 pm
Location: Australia
Contact:

Post by X11 »

I can run it as a normal proxy but running it invisible gives me errors.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Should I assume that you mean "transparent" when you say "invisible"? Have you read the Squid docs on configuring your proxy for being a transparent proxy?

http://www.squid-cache.org/Doc/FAQ/FAQ-17.html

Post Reply