Hi, I think I remember that I've read that the 2.4 (squid) is better for the 2.4 (kernel) because of other memory menagement and other ip iplementation. Ciao ;-) Robert Rottscholl - DE tacchino801@libero.it wrote:
Hi, Robert
1 of all: Really many thanks for your answear and suggestion!
Now I go to install the squid v2.4! But let me know undestand better a concept...Do you think that Squid 2.4 is "required" to use transparent proxy with kernel 2.4?!
Great, You are beginning to speak Italian! ;-)
Thanks and regards Lorenzo
Hi Lorenzo,
I adopt that you use kernel 2.4.x! So if you use kernel 2.4.x you have to use squid 2.4 (because it has some advantages which take affect when using kernel 2.4.x). And I think you should reconfigure you redirect option like: FW_REDIRECT="192.168.1.0/24,!<SERVERIP>,tcp,80,3128 192.168.1.0/24,!<SERVERIP>,udp,80,3128"
I hope that will help you.
Ciao ;-)
Robert Rottscholl - DE
tacchino801@libero.it wrote:
HI, It is a long time that I read suse security mailing-list.
I figured my SuseFirewall1 v 5.0 and squid 2.3 for transparent proxy, all works well! I used Manuals of my "Suse 7.2 Pro" box.
Now I installed "Suse 7.3 Pro" I configured SuseFirewall2 script but I have a problem with SuseFirewall2 v2.0 and Squid 2.3. Transparent proxy does not work, and I can not understand why?
I used iptraf to see the connections...clients access directly to network and not through squid ip address!!
Networks Manuals of "Suse 7.3 Pro" are the same of "Suse 7.2" but the Suse Firewall is updated from 1 to 2! There are no specific mention to this!
I have configued the SuseFirewall2 script with this lines: FW_SERVICE_SQUID="yes" FW_REDIRECT="192.168.1.0/24,0/0,tcp,80,3128 192.168.1.0/24,0/0,udp,80,3128"
The squid.conf file is so configured:
httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on
Many thanks Lorenzo Rossi
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here