[Firehol-support] Transparent proxy - I wimped out

Costa Tsaousis costa at tsaousis.gr
Fri Jun 8 17:43:54 BST 2007


Daniel L. Miller wrote:
> OK, I'm trying to implement the transparent_squid, on the squid machine, 
> which is also setup now as the gateway for the LAN (which in turn 
> contacts the firewall to reach the Internet).
>
> I thought I'd start with something real basic.  Allow all trafic - but 
> implement the proxy.
>
> version 5
> transparent_squid 8080 proxy src 192.168.0.0/24
> interface any ALLNICS
>         policy accept
> router ALLROUTES
>         policy accept
>
> This compiles and runs, and my clients are indeed re-directed to the 
> squid proxy - but something's getting lost in translation.  Squid 
> returns an Invalid_Request error page.
>
> Did I miss something simple?
>
>   
Hi Danniel,

this seems to be a squid configuration problem. If I recall correctly, 
squid has to be told it is a transparent proxy, otherwise it expects 
proxy requests only and gives invalid request pages when it receives web 
server requests.

FireHOL does not translate the traffic.

Costa






More information about the Firehol-support mailing list