Squid vs iptables = no Squid access.log?


 
Thread Tools Search this Thread
Special Forums IP Networking Squid vs iptables = no Squid access.log?
# 1  
Old 03-11-2012
Squid vs iptables = no Squid access.log?

Hello,

I have a pretty useless satellite link at home (far from any civilization), so I wanted to set up caching in order to speed things up. My Squid 2.6 runs "3128 transparent" and is set up quite well on a separate machine.
I also have my dd-wrt router to move all port 80 traffic through proxy:
Code:
#!/bin/sh
PROXY_IP=192.168.0.12
PROXY_PORT=3128
LAN_IP=`nvram get lan_ipaddr`
LAN_NET=$LAN_IP/`nvram get lan_netmask`
iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT
iptables -t nat -I POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP
iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -

However, when I look into squid logs, they only grow when the proxy is set explicitly in browsers setup (manually). The access.log doesn't grow once the settings are cleared.

My expectations: if I have my router move all the port 80 traffic through squid, it should show up in the access.log

Any ideas?

---------- Post updated at 03:27 PM ---------- Previous update was at 01:17 PM ----------

OK, seems I've narrowed down the thing... What I want to do is route port 80 traffic from my network to the Squid. However - I do not want the traffic from Squid to the Internet to be looped back (Squid server is on the same subnet).
I already know why the logs didn't grow - the traffic wasn't routed to Squid at all! Point is, I have no idea on how to identify ethN ports in my router, so I assumed br0 would be OK. Apparently it isn't.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Proxy Server

How to use Squid on Linux to control certain IP to access Web Server and certain IP cannot access?

Dear all experts here, :) I would like to install a proxy server on Linux server to perform solely to control the access of Web server. In this case, some of my vendor asked me to try Squid and I have installed it onto my Linux server. I would like know how can I set the configuration to... (1 Reply)
Discussion started by: kwliew999
1 Replies

2. UNIX for Advanced & Expert Users

Change Log Path for Squid on Centos 6

I searched and did not find a useful answer. Can someone please tell me the best practice to change the log directory from /var/log to /opt/squid? (4 Replies)
Discussion started by: glev2005
4 Replies

3. Emergency UNIX and Linux Support

[solved] Block access to all sites except one using Squid

I need a Squid config that allows access to only one domain: .example.com Traffic should only be allowed through if coming from 10.100.0.0/24 and only port 80 (http) and port 443 (https) traffic should be allowed through, but again, only to this ONE domain. It Must be Squid (no iptables... (3 Replies)
Discussion started by: glev2005
3 Replies

4. UNIX for Advanced & Expert Users

squid: Allow access to only one site and only via 80 or 443

Can someone please give me the conf file line to allow access to myexample.com and only that site, and only through http and https? So far I have only that site accessible via http, but all https sites are opened. Squid 3.1 on Cent 6 ---------- Post updated at 12:06 PM ---------- Previous... (0 Replies)
Discussion started by: glev2005
0 Replies

5. IP Networking

squid and iptables

Hello all I have a little network as described below. A Linux router/proxy with the External interface: 192.168.121.240 Internal interface: 10.0.0.2 and a DMZ interface: 10.1.0.2 On the DMZ i have a linux with ip: 10.1.0.10 and apache2, php5, mysql and samba installed. On the internal... (0 Replies)
Discussion started by: davano
0 Replies

6. Emergency UNIX and Linux Support

Configure Squid to use LDAP group auth to deny internet access

Hi all We have squid-2.5.STABLE11-3.FC4 running in our environment. LDAP authentication works fine. Active Directory 2003 Users are prompted to enter credentials every time they access the net. The system works perfectly, but I need to configure Squid to block users in a specific AD group.... (1 Reply)
Discussion started by: wbdevilliers
1 Replies

7. UNIX and Linux Applications

How to redirect to squid login web page when internet access

Hi , I am new user. As you know when acl is defined in /etc/squid/squid.conf file according to its http_access users are able to access internet. Before that .htaccess asks them to access internet. It is fine. I saw in some customised linux servers in place of .htaccess login ,html web page... (1 Reply)
Discussion started by: sandeepvson
1 Replies

8. Shell Programming and Scripting

SH script to split squid log by date

Hi, I really need your help to make a script to split a large squid's log file into a multiple files, each of them containing the log entries for every logged date. To achieve the result I planned to use the function "date" with the first log field as a parameter using this syntax: date -d... (4 Replies)
Discussion started by: _MCRH_
4 Replies

9. UNIX for Dummies Questions & Answers

Help Me Squid Server

Hello! I'm trying config Squid Cache Server...Where ? Can me find document about config Squid (Basic)... Thanks you (4 Replies)
Discussion started by: binhnx2000
4 Replies
Login or Register to Ask a Question