[Firehol-support] Transparent proxy - I wimped out

Daniel L. Miller dmiller at amfes.com
Sat Jun 9 08:12:35 BST 2007


Costa Tsaousis wrote:
> Daniel L. Miller wrote:
>> OK, I'm trying to implement the transparent_squid, on the squid 
>> machine, which is also setup now as the gateway for the LAN (which in 
>> turn contacts the firewall to reach the Internet).
>>
>> I thought I'd start with something real basic.  Allow all trafic - 
>> but implement the proxy.
>>
>> version 5
>> transparent_squid 8080 proxy src 192.168.0.0/24
>> interface any ALLNICS
>>         policy accept
>> router ALLROUTES
>>         policy accept
>>
>> This compiles and runs, and my clients are indeed re-directed to the 
>> squid proxy - but something's getting lost in translation.  Squid 
>> returns an Invalid_Request error page.
>>
>> Did I miss something simple?
>>
>>   
> Hi Danniel,
>
> this seems to be a squid configuration problem. If I recall correctly, 
> squid has to be told it is a transparent proxy, otherwise it expects 
> proxy requests only and gives invalid request pages when it receives 
> web server requests.
>
> FireHOL does not translate the traffic.
That was it.  Thanks - works great!


-- 
Daniel




More information about the Firehol-support mailing list