August 24, 2006

132 words 1 min read

Transparent Proxy for Squid

So I went to setup Squid 2.6 for a passive proxy. Apparently the geniuses changed around the configuration so the old style of using the “httpd_” configs no longer works. Granted its much simpler now, but no one warned me!!! Bastards! Now you just add “transparent” to the end of the http_port statement.

Detailed version of how to “passive proxy”.

1- Install Squid

2- Configure Squid for allow normal proxy’ing

3- Change the http_port statement to look something like: “http_port 3128 transparent

4- Add the following line to your firewall statement (where eth1 is the internal port):

iptables -t nat -A PREROUTING -i eth1 -p tcp —dport 80 -j REDIRECT —to-port 3128

5- Start everything up and rock and roll

(Oh, and putting this on your gateway/router is probably a GOOD idea)