On Thu, Mar 01, 2007, Angela Burrell wrote:
Transparent redirection:
> This is the line in my firewall that redirects the HTTP requests from port
> 80 to port 3328:
> iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j
> REDIRECT --to-port 3328
>
> When I comment out this line, clients on the LAN can get through to the
> Internet. When the above line is implemented, we get the following error in
> all browsers, to all hosts. ERR_INVALID_REQ
>
> The following error was encountered:
> Invalid Request
> Some aspect of the HTTP Request is invalid. Possible problems:
> Missing or unknown request method
> Missing URL
> Missing HTTP Identifier (HTTP/1.0)
> Request is too large
> Content-Length missing for POST or PUT requests
> Illegal character in hostname; underscores are not allowed
> Your cache administrator is webmaster.
>
>
>
>
> Generated Wed, 28 Feb 2007 22:49:09 GMT by squid (squid/2.6.STABLE1)
>
> Here is my squid.conf file, hoping it will help.
> ############################
> http_port 3328
You need to add 'transparent' to this line, ie:
http_port 3328 transparent
And make sure you've compiled squid with --enable-linux-netfilter .
(And you also should upgrade, there's quite a few nasty bugs between squid-2.6.STABLE1 and
Squid-2.6.STABLE9.)
Adrian
Received on Thu Mar 01 2007 - 15:01:24 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 31 2007 - 13:00:01 MDT