Still struggling with transparent proxy
joe_tseng at hotmail.com
Thu Feb 21 21:53:47 UTC 2008
So I looked at the page regarding transparent proxies at TLDP (http://tldp.org/HOWTO/TransparentProxy-6.html#ss6.1) based on recommendations on this list and tried it out. I'm currently not able to get the web client to access my test server. When I look at my wireshark results on my proxy I get something like this:
1. 22.214.171.124 126.96.36.199 TCP xxxx > 80 [SYN]
2. 188.8.131.52 184.108.40.206 TCP xxxx > 3128 [SYN]
3. 220.127.116.11 18.104.22.168 TCP 3128 > xxxx [SYN, ACK]
4. 22.214.171.124 126.96.36.199 TCP xxxx > 3128 [RST]
188.8.131.52 -> web client
184.108.40.206 -> squid proxy
220.127.116.11 -> web server
My firewall has external and internal interfaces (with the internal interface being 18.104.22.168). My proxy is able to access my web server without issues. My squid has just these three lines changed:
http_port 3128 transparent
http_access allow all
The baffling thing is the client can access the server but only if I explicitly tell it to use 22.214.171.124:3128.
I'm quite stumped and help would be appreciated. Thx.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the fedora-list