Squid problem

[MrMullen]

I am having problems with squid on my IP Masq machine. It's your standard eth0 = internet and eth1 = internal network machine. Eth0 gets it's IP from the ISP via DHCP and I have 192.168.0.1 assigned to eth1.

So here is the information:
I want to run squid on a firewall. I want all of the web connections (Port 80) to get routed to the squid cache and be processed by the squid cache. I want everything non-web and SSL not to get processed by the squid cache.
Here is my IPMasq/firewall rules:

#!/bin/bash
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -P INPUT DROP

########## Input Rules #############
iptables -A INPUT -i lo -j ACCEPT

#REJECT Auth
iptables -A INPUT -p tcp --dport 113 -j REJECT
iptables -A FORWARD -p tcp --dport 113 -j REJECT

#Allow connection through that we started internall
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

### Rules for internal lan
echo 1 >/proc/sys/net/ipv4/ip_forward
echo "8129" >/proc/sys/net/ipv4/ip_conntrack_max

# Net the internal network so internet works
iptables -A FORWARD -i eth1 -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A INPUT -i eth1 -p tcp --dport 22 -j ACCEPT

And then I do by hand afterwards:

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128

I start squid with this config. When I try to connect as I usually do, I get nothing. Nothing shows up in the squid logs and I assuming the port redirecting is working (I don't know, it might not).

I have two theories:
1) My squid config is all wrong.
2) My port redirection is not working.

Anyone have any idea?

[Guybrush]

Hi there,

when comparing your squid config with the transparent proxy howto (which can be found at Transparent Proxy with Linux and Squid mini-HOWTO ) you have to add 4 options:

httpd_accel_host virtual

httpd_accel_port 80

httpd_accel_with_proxy on

httpd_accel_uses_host_header on