Tuesday, September 8, 2009

Squid Transparent proxy with Iptables

While configuring squid as a transparent proxy we have to Add only single word "transparent"  into the squid.conf file:

Find line

http_port 3128

and change to

http_port 3128 transparent

This line will make your Squid as Transparent proxy.

Then In Iptables we need to add following entries:

iptables -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

eth0 = Private Network (LAN)
eth1 = Public Network IP

This command will redirect all requests which are coming from Private Network (LAN) for destination port 80 to 3128 (Squid Port). Then Squid will match all the ACL's criteria and forward request to Internet.

No comments:

Post a Comment