Re: [squid-users] how to pass all internet traffic through squid

From: Marcello Romani <mromani@dont-contact.us>
Date: Mon, 12 Nov 2007 14:36:59 +0100

Tarak Ranjan wrote:
> Hi List,
> I have one squid 2.6 proxy server. Current situation is as per
> browser settings for proxy...
>
> Direct Connection: users are directly connecting to internet, no logs
> are coming in access.log. not a single ACL is hitting for them
>
> Autodetect Proxy: same as Direct Connection
>
> Manual proxy: when anyone selecting manual proxy, that time only ACL and
> logs everything is coming for the corresponding IP/user.
>
> What I want, WHATEVER THE CLIENT HAS SELECTED IN THEIR BROWSER.
> DIRECT/AUTO/MANUAL , ACL & LOG SHOULD COME. AND ALL THE INTERNET ACCESS
> TRAFFIC SHOULD PASS THROUGH SQUID......
>
> HERE IS MY ACCESS.LOG.....THOSE WHO HAVE SELECTED MANUAL PROXY
>
> 1194864803.351 756 192.168.1.40 TCP_MISS/200 394 POST
> http://mail.google.com/mail/channel/bind? - DIRECT/72.14.221.17 text/html
> 1194864803.566 1414 192.168.1.23 TCP_MISS/200 515 GET
> http://us.bc.yahoo.com/b? - DIRECT/203.84.204.69 image/gif
> 1194864824.677 455 192.168.1.117 TCP_MISS/200 2744 GET
> http://sb.google.com/safebrowsing/update? - DIRECT/72.14.217.91 text/html
> 1194864827.772 669 192.168.1.108 TCP_MISS/200 2349 GET
> http://rad.msn.com/ADSAdClient31.dll? - DIRECT/207.68.178.153 text/html
> 1194864828.219 60561 192.168.1.154 TCP_MISS/200 668 POST
> http://shttp.msg.yahoo.com/notify/ - DIRECT/216.155.194.239 text/plain
> 1194864828.851 1079 192.168.1.108 TCP_MISS/200 3825 GET
> http://ad.doubleclick.net/adj/N3977.MSN_homepage_in/B2559371;sz=234x60;ord=1511213470?
> - DIRECT/216.73.87.74 application/x-javascript
> 1194864828.910 58 192.168.1.108 TCP_IMS_HIT/304 321 GET
> http://m1.2mdn.net/879366/flashwrite_1_2.js - NONE/-
> application/x-javascript
> 1194864829.167 257 192.168.1.108 TCP_MISS/304 317 GET
> http://m1.2mdn.net/1234724/yahoo_dotcom_234x60.swf? -
> DIRECT/125.252.226.32 application/x-shockwave-flash
> 1194864829.436 225558 192.168.1.40 TCP_MISS/200 3260 GET
> http://mail.google.com/mail/channel/bind? - DIRECT/72.14.221.17 text/plain
>
> HERE IS MY CONFIGURATION FOR THE REFERENCE:
>
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl blocksites dstdomain "/etc/squid/squid-block.acl"
> acl blockfiles urlpath_regex -i "/etc/squid/multimedia.files.acl"
> acl malware_block_list url_regex -i "/etc/squid/malware_block_list.txt"
> acl SSL_ports port 443
> acl CONNECT method CONNECT
> http_access allow manager localhost
> http_access deny manager
> http_access deny blockfiles
> http_access deny blocksites
> http_access deny malware_block_list
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> acl lk_network src 192.168.1.0/24
> http_access allow lk_network
> acl local-servers1 dstdomain liqwidkrystal.com
> always_direct deny local-servers1
> acl local-servers2 dstdomain lk.com
> always_direct deny local-servers2
> http_access allow localhost
> http_access deny all
> http_reply_access allow all
> icp_access allow all
> http_port 192.168.1.3:8080 transparent
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> cache deny QUERY
> cache_mem 8 MB
> cache_dir ufs /var/spool/squid 100 16 256
> access_log /var/log/squid/access.log squid
> cache_log /var/log/squid/cache.log
> cache_store_log none
> logfile_rotate 7
> pid_filename /var/run/squid.pid
> log_fqdn off
> ftp_passive on
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
> acl apache rep_header Server ^Apache
> broken_vary_encoding allow apache
> cache_mgr tarak.ranjan@liqwidkrystal.com
> coredump_dir /var/spool/squid
>
>
> ******* WHAT ARE THE NECESSARY CHANGES I HAVE TO TAKE TO WORK SQUID AS I
> MENTIONED ABOVE.
>

You probably want to set up a transparent proxy...
Oh, and btw, PLEASE DON'T SHOUT, we hear you just fine in lowercase.

Thanks.

-- 
Marcello Romani
IT Manager
Ottotecnica s.r.l.
http://www.ottotecnica.com
Received on Mon Nov 12 2007 - 06:37:18 MST
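
The symptom in the quoted question (clients on a direct connection leave no trace in access.log) can be checked from the log itself. The following is an added example, not part of the original thread: it parses Squid native-format entries and lists inventoried LAN hosts that never appear. The inventory, the hosts .50 and .77, and the function names are assumptions made for illustration; a host can also be missing simply because it was idle.

```python
import ipaddress
import re
from collections import Counter

# Squid native format: time elapsed client code/status bytes method URL ident hierarchy/peer type
LINE_RE = re.compile(
    r"^\d+\.\d+\s+\d+\s+(?P<client>\S+)\s+[A-Z_]+/\d{3}\s+\d+\s+\S+\s+"
    r"\S+\s+\S+\s+[A-Z_]+/\S+\s+\S+$"
)
LAN = ipaddress.ip_network("192.168.1.0/24")  # lk_network in the posted config

# Entries from the posted access.log with the mail line wrapping undone,
# plus one constructed malformed line.
SAMPLE_LOG = """\
1194864803.351 756 192.168.1.40 TCP_MISS/200 394 POST http://mail.google.com/mail/channel/bind? - DIRECT/72.14.221.17 text/html
1194864828.910 58 192.168.1.108 TCP_IMS_HIT/304 321 GET http://m1.2mdn.net/879366/flashwrite_1_2.js - NONE/- application/x-javascript
1194864829.167 257 192.168.1.108 TCP_MISS/304 317 GET http://m1.2mdn.net/1234724/yahoo_dotcom_234x60.swf? - DIRECT/125.252.226.32 application/x-shockwave-flash
truncated line without enough fields
"""

# Constructed inventory (for example from DHCP leases); .50 and .77 are hypothetical.
INVENTORY = ["192.168.1.40", "192.168.1.50", "192.168.1.77", "192.168.1.108"]


def clients_seen(log_text, lan=LAN):
    """Return (Counter of requests per LAN client, number of unparsable lines)."""
    seen, bad = Counter(), 0
    for line in filter(None, map(str.strip, log_text.splitlines())):
        m = LINE_RE.match(line)
        if not m:
            bad += 1
            continue
        try:
            addr = ipaddress.ip_address(m.group("client"))
        except ValueError:  # client field is a hostname, not an address
            bad += 1
            continue
        if addr in lan:
            seen[str(addr)] += 1
    return seen, bad


def not_logged(inventory, seen):
    """Inventoried hosts with no access.log entry, in numeric address order."""
    return sorted((h for h in inventory if h not in seen), key=ipaddress.ip_address)


if __name__ == "__main__":
    seen, bad = clients_seen(SAMPLE_LOG)
    print(dict(seen), bad, not_logged(INVENTORY, seen))
```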
