mas é isso mesmo q eu faço... como eu uso proxy transparente nao informo nada no navegador....o usuário automaticamente passa pelo proxy
Versão Imprimível
mas é isso mesmo q eu faço... como eu uso proxy transparente nao informo nada no navegador....o usuário automaticamente passa pelo proxy
Amigo,
então. Ficou assim:
modprobe iptable_nat
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
onde eth1 = placa de rede da internet
e eth0 = placa de rede interna.
porém continua nao acessando sites https.....
segue o meu squid.conf
visible_hostname frserver
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 8 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 8 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
cache_dir ufs /var/spool/squid 100 16 256
cache_access_log /var/log/squid/access.log
hosts_file /etc/hosts
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl REDE src 192.168.0.0
http_access allow REDE
http_access allow localhost
http_access allow all
http_reply_access allow all
icp_access allow all
coredump_dir /var/spool/squid
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
o meu arquivo de configuração das placas de redes está assim:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
# gateway 192.168.0.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 192.168.0.1
auto dsl-provider
iface dsl-provider inet ppp
provider dsl-provider
# please do not modify the following line
pre-up /sbin/ifconfig eth1 up # line maintained by pppoeconf
e o meu resolv.conf esta:
nameserver 200.149.55.142
nameserver 200.165.132.155
onde esses ips...são do velox.....
ja nao sei mais o que fazer para resolver....