Red Hat Bugzilla – Bug 139685
squid transparent proxy not working anymore!
Last modified: 2007-11-30 17:10:54 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Description of problem:
Transparent proxy configurations
Working good on Fedora Core 2
After Upgrade to Fedora Core 3,
squid transparent proxy not working at all!
After Install Fedora Core 3 from scratch,
Squid transparent proxy still not working.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.Config all steps need for a squid transparent proxy
2.Config iptable to redirect the traffic:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
3.Config cisco AS5350 to redirect the traffic
Actual Results: Squid transparent proxy not working!
Expected Results: Transparent proxy must working, (OK with Fedora Core 2)
There is not enough information in this bug to make a decent
diagnosis. Do the squid logs say that connections are being made
(don't post the entire log though)? You may also want to attach your
squid.conf and indicate any firewall rules you have.
Oops I forgot to mention is there any selinux related messages when
you do dmesg after trying to use the proxy?
Also does it work if you set a browser to use the proxy explictly?
disable selinux, then it works
Tran, I think you may have been a bit hasty marking this as NOTABUG.
I've seen squid working with selinux and all (and selinux is something
you really want turned on if you can).
Had you upgraded to the latest selinux policy pakcage? If so what
selinux errors were you seeing?
Yes what are the AVC messages you are in seeing in the
I'm using squid with transperent proxying and it is working. I'm
currently using selinux-policy-targeted-1.17.30-2.60. I upgraded from
FC2. Make sure you have the following 4 lines in your squid.conf.
I'm using the following iptables command:
iptables -t nat -A PREROUTING -s 192.168.1.0/255.255.255.0 -p tcp -m
tcp --dport http -j REDIRECT --to-ports 3128