[ale] Apache proxy/rewrite question

JK jknapka at kneuro.net
Sun Aug 27 11:11:10 EDT 2006


Christopher Fowler wrote:

> I'm trying to configure squid 2.6 STABLE on RH 7.2. to do transparent
> proxy.
> 
> I'm getting this in my browser:
> 
> ERROR
> The requested URL could not be retrieved

Hi Chris,

It's probably a Squid config problem. I fought with the same
error for hours, before buckling down and really reading the
whole default squid.conf, which prohibits almost everything
by default. Probably it has something to do with the
"httpd_accel_*" options, or possibly the "http_access_*"
ones.  Those affect how Squid figures out (a) what the
actual destination IP address of the requested URL is, and
(b) whether the client is allowed to access the proxy.
(It appears your squid is trying to fetch "/" from the
local host, which is probably not what you want.)

The other important thing is that in iptables, you need to use
a REDIRECT rule, NOT a DNAT rule, to send packets to the
transparent proxy port; otherwise the proxy (that is, Squid)
doesn't see the proper destination address.

Finally, make sure your redirector script prints a
newline after the transformed target URL.  I naively
thought that Perl's print() did that by default, but
eventually discovered the error of my ways.

-- JK




More information about the Ale mailing list