October 12, 2024, 10:36:47 AM

News : LinuxSolved.com Linux Help Community Forum..


Author Topic: Configuring Squid Proxy server & Transparent Proxy  (Read 317593 times)

Offline nikeshshk

  • New Member
  • Posts: 2
Re: Configuring Squid Proxy server & Transparent Proxy
« Reply #165 on: June 19, 2009, 11:02:35 AM »
Hello all I am running through some problem with squid.

here is my squid.conf configuration
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access allow localhost
http_access deny manager
http_access allow Safe_ports
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

acl local src 192.168.0.0/24

acl test1 src 192.168.0.24

acl test2 src 192.168.0.66
http_access allow test1
http_access deny test2
acl sites dstdomain .gap.com .realplayer.com .yahoo.com
http_access deny sites
http_access deny local
http_access deny all

Ok what my problem is I cant deny ip 192.168.0.66 to access http
and also i cant deny the above list of sites to my client ip.

if i see access.log
i.e tail -f access.log
squid seems to be working because clients are going through squid and i can see what the clients are browsing.

what i feel is my rule on acl is not working properly.

Can anybody help me to get out of this trouble

Offline jahangir

  • New Member
  • Posts: 2
Re: Configuring Squid Proxy server & Transparent Proxy
« Reply #166 on: October 09, 2009, 05:21:30 PM »
NAT

Short for Network Address Translation, NAT as specified in RFC 1631 is an Internet standard that enables a local-area network (LAN) to use one or more IP addresses for internal traffic and a second for external. A network NAT is commonly used by home users to allow multiple computers to easily connect to a broadband connection. NAT is also used to hide internet network addresses by using the single NAT address.
Today there are two different variants of NAT used. NAPT which is short for Network Address Port Translation, NAPT and PAT which is short for Port Address Translation.

Also see: Network definitions, Proxy


 
Proxy server

A Proxy is a computer server or software program which is part of the gateway server or another computer that separates a local network from outside networks.
A proxy server will generally cache all pages accessed through the network. When a page is accessed that is not in the proxy servers cache the proxy server will access the page using its own IP address cache the page and forward it to the user accessing that page.

Users who wish to setup a proxy at home or home office to be used to share a internet connection VIA modem or other internet connection may wish to consider any of the following products:

- Sygate Home Network
- WinProxy
- SpoonProxy
- ShareTheNet

Also see: ICS, Network definitions www.mrhope.com/jargon/n/nat.htm