Sunday, February 14, 2010

Transparent Proxy with squid

squid.conf:

* httpd_accel_host virtual
* httpd_accel_port 80
* httpd_accel_with_proxy on
* httpd_accel_uses_host_header on
* acl our_networks src xx.xx.xx.xx yy.yy.yy.0/24
//xx.xx.xx.xx -> ip for outgoing interface
//yy.yy.yy.0 -> internal IP
* http_access allow our_networks
* http_access allow localhost
* http_access deny all


Script for iptables:

// eth0 -> internal NIC
// eth1 -> outgoing NIC
iptables --flush # Flush all the rules in filter and nat tables
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Elevating LLM Deployment with FastAPI and React: A Step-By-Step Guide

  In a   previous exploration , I delved into creating a Retrieval-Augmented-Generation (RAG) demo, utilising Google’s gemma model, Hugging ...

  • 15401 error
    Error 15401: Windows NT user or group '%s' not found. Check the name again. SELECT name FROM syslogins WHERE sid = SUSER_SID ('Y...
  • Change SQL Server Collation in a clustered environment
    start /wait D:\Servers\setup.exe /qn VS=[VIRTUALSERVER] INSTANCENAME=[MSSQLSERVER] REINSTALL=SQL_Engine REBUILDDATABASE=1 ADMINPASSWORD=[CUR...
  • Epicor E4SE and eBackoffice Go Live
    Finally, it is time. E4SE 811 and eBackoffice 736 will replace our current 810b/735a environment after staying so many years. Just got the n...