transparent proxy

Antonio M antonio.montagnani at gmail.com
Fri Feb 29 18:20:43 UTC 2008 

2008/2/29, Antonio M <antonio.montagnani at gmail.com>:
> 2008/2/29, Antonio M <antonio.montagnani at gmail.com>:
>
> > My router (runnin F9) was acting as transparent proxy....
>  >  This morning when connecting my Skype fon it didn't connect!!! well I
>  >  connected my laptop and I was not able to surf the net, to read
>  >  e-mails. I was surprised because It worked fine since a long time.
>  >  My router has two NIC's, from the laptop I could not ping my modem!!
>  >  I mad ethe following tests:
>  >  I connected Firefox by Squid (and it was o.k.)
>  >  I disabled the forward HTTP connections to Squid Proxy putting a # in
>  >  front of line -A PREROUTING -p tcp -m tcp -i eth0 --dport 80 -j
>  >  REDIRECT --to-ports 3128
>  >
>  >  What is wrong (iptables or squid)???
>  >  iptables-1.3.8-6.fc9
>  >  squid-3.0.STABLE1-3.fc9
>  >
>  >  I think squid as latest release was installed two days ago, while
>  >  iptables is much older.
>  >
>  >  As attachment you will find my squid.conf file
>  >
>  >
>  >  # Generated by iptables-save v1.3.8 on Sun Nov 11 10:15:45 2007
>  >  *nat
>  >  :OUTPUT ACCEPT [0:0]
>  >  :PREROUTING ACCEPT [0:0]
>  >  :POSTROUTING ACCEPT [0:0]
>  >  -A POSTROUTING -s 192.168.0.0/24 -o ppp0 -j MASQUERADE
>  >  # Forward HTTP connections to Squid proxy
>  >  -A PREROUTING -p tcp -m tcp -i eth0 --dport 80 -j REDIRECT --to-ports 3128
>  >  COMMIT
>  >  # Completed on Sun Nov 11 10:15:45 2007
>  >  # Generated by iptables-save v1.3.8 on Sun Nov 11 10:15:45 2007
>  >  *mangle
>  >  :PREROUTING ACCEPT [138:11158]
>  >  :INPUT ACCEPT [50:6740]
>  >  :FORWARD ACCEPT [88:4418]
>  >  :OUTPUT ACCEPT [41:6038]
>  >  :POSTROUTING ACCEPT [129:10456]
>  >  COMMIT
>  >  # Completed on Sun Nov 11 10:15:45 2007
>  >  # Generated by iptables-save v1.3.8 on Sun Nov 11 10:15:45 2007
>  >  *filter
>  >  #Originale
>  >  #:INPUT ACCEPT [50:6740]
>  >  #:FORWARD ACCEPT [90:4518]
>  >  #:OUTPUT ACCEPT [41:6038]
>  >  #COMMIT
>  >  #fine originale
>  >  #inizio prova
>  >  :FORWARD DROP [0:0]
>  >  :INPUT DROP [0:0]
>  >  :OUTPUT ACCEPT [0:0]
>  >  -A INPUT -i lo -j ACCEPT
>  >  -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
>  >  -A FORWARD -i eth0 -j ACCEPT
>  >  -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
>  >  -A INPUT -i eth0 -j ACCEPT
>  >  COMMIT
>  >  #fine prova
>  >  # Completed on Sun Nov 11 10:15:45 2007
>  >
>  >
>  >  --
>  >  Antonio Montagnani
>  >  Skype : antoniomontag
>  >
>  >
>
> I forgot to say that after disabling the connection to Squid everything was o.k.
>
>
>  --
>  Antonio Montagnani
>  Skype : antoniomontag
>

I reverted to squid-3.0.STABLE1-2.fc9 and system works as expected.
I will file a bug
-- 
Antonio Montagnani
Skype : antoniomontag

More information about the fedora-test-list mailing list