Purchase Linux CDs / DVDs / Flash Drives at OSDisc.com

Welcome to Our Community

While Linux.org has been around for a while, we recently changed management and had to purge most of the content (including users). If you signed up before April 23rd, 2017 please sign up again. Thanks!

  1. More ways to get the info! - we shoot all of our new original content out as well as random messages on Twitter and our newsletter!. Twitter | Newsletter
    Dismiss Notice

Error transparent proxy squid on wi-fi network

Discussion in 'Linux Networking' started by Lenia, May 11, 2019.

  1. Lenia

    Lenia New Member

    Joined:
    May 11, 2019
    Messages:
    2
    Likes Received:
    0
    Hello, transparent proxy is a problem to my squid, i will need make transparent proxy squid on my wi-fi network, but have error to start squid.
    Chronology of my actions:


    (Log in to hide this advertisement)


    echo 1 > /proc/sys/net/ipv4/ip_forward

    iptables -t nat -A PREROUTING -i wlan0 -p tcp --destination-port 80 -j REDIRECT --to-port 3128

    iptables -t nat -L PREROUTING
    Chain PREROUTING (policy ACCEPT)
    target prot opt source destination
    REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128


    iptables -I INPUT 1 -p tcp --dport 3128 -j ACCEPT

    iptables -L INPUT
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    ACCEPT tcp -- anywhere anywhere tcp dpt:3128

    nano /etc/squid/squid.conf

    #
    acl manager proto cache_object
    acl localhost src 127.0.0.1/32 ::1
    acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
    acl localnet src 192.168.0.0/16
    acl SSL_ports port 443
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localnet
    http_access allow localhost
    http_access deny all
    http_port 3128 transparent
    hierarchy_stoplist cgi-bin ?
    coredump_dir /var/cache
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
    refresh_pattern . 0 20% 4320
    #

    service squid restart
    ● squid.service - Squid Web Proxy Server
    Loaded: loaded (/lib/systemd/system/squid.service; disabled; vendor preset: disabled)
    Active: failed (Result: exit-code) since Sat 2019-05-11 15:21:28 MSK; 1s ago
    Docs: man:squid(8)
    Process: 20400 ExecStartPre=/usr/sbin/squid --foreground -z (code=exited, status=0/SUCCESS)
    Process: 20403 ExecStart=/usr/sbin/squid -sYC (code=exited, status=0/SUCCESS)
    Main PID: 20404 (code=exited, status=1/FAILURE)

    мая 11 15:21:28 kali squid[20419]: ERROR: No forward-proxy ports configured.
    мая 11 15:21:28 kali squid[20419]: storeDirWriteCleanLogs: Starting...
    мая 11 15:21:28 kali squid[20419]: Finished. Wrote 0 entries.
    мая 11 15:21:28 kali squid[20419]: Took 0.00 seconds ( 0.00 entries/sec).
    мая 11 15:21:28 kali squid[20419]: FATAL: mimeLoadIcon: cannot parse internal URL: http://kali:0/squid-internal-static/icons/s
    мая 11 15:21:28 kali squid[20419]: Squid Cache (Version 4.6): Terminated abnormally.
    мая 11 15:21:28 kali squid[20404]: Squid Parent: squid-1 process 20419 exited with status 1
    мая 11 15:21:28 kali squid[20404]: Squid Parent: squid-1 process 20419 will not be restarted for 3600 seconds due to repeated,
    мая 11 15:21:28 kali squid[20404]: Exiting due to repeated, frequent failures
    мая 11 15:21:28 kali squid[20404]: Removing PID file (/var/run/squid.pid)

    Help me solve this problem
     
  2. Lenia

    Lenia New Member

    Joined:
    May 11, 2019
    Messages:
    2
    Likes Received:
    0
    I forgot to say, if you don’t write "transparent" on the "http_port 3128 transparent" line, squid works
     

Share This Page