So I looked at the page regarding transparent
proxies at TLDP (http://tldp.org/HOWTO/TransparentProxy-6.html#ss6.1)
based on recommendations on this list and tried it out. I'm currently
not able to get the web client to access my test server. When I look at my
Wireshark results on my proxy I get something like this:
1. 60.1.1.2  80.1.1.3  TCP xxxx > 80 [SYN]
2. 60.1.1.2  70.1.1.3  TCP xxxx > 3128 [SYN]
3. 70.1.1.3  60.1.1.2  TCP 3128 > xxxx [SYN, ACK]
4. 60.1.1.2  70.1.1.3  TCP xxxx > 3128 [RST]
60.1.1.2 -> web client
70.1.1.3 -> squid proxy
80.1.1.3 -> web server
My firewall has external and internal interfaces (with the internal
interface being 70.1.1.1). My proxy is able to access my web server
without issues. My Squid has just these three lines changed:
http_port 3128 transparent
http_access allow all
visible_hostname proxy
The baffling thing is the client can access the server but only if I
explicitly tell it to use 70.1.1.3:3128.
I'm quite stumped and help would be appreciated. Thx.
- Joe