[isf-wifidog] transparent proxy interfering with
auth.ilesansfil.org 15 minute grace period?
Daniel Enright
denright at atwaterlibrary.ca
Jeu 14 Avr 16:53:52 EDT 2005
Hey Guys,
I was not overly sure if I should post this to the volunteer list or
wifidog, but here it is either way...
Most of the normal ilesansfil users at atwater library are not having
problems. But now two people in a row had to use a lan PC for the 15
minute activation grace period. And I went and tested it on my own as
well...
Our setup works like this:
internet ->
(eth0/ppp0) debian transparent squid cache and other services
(eth2) wifi and (eth1) lan
squid.conf file:
acl ilesansfil.org dstdomain ilesansfil.org
acl loc.gov dstdomain loc.gov
no_cache deny QUERY ilesansfil.org loc.gov
snippits from iptables script:
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
# this is what redirects our traffic from port 80 to port 3128 for
transparent proxy stuff
# as you can see I have attempted to exclude ! ilesansfil.org
iptables -t nat -A PREROUTING -p TCP -d ! ilesansfil.org --dport 80 -j
REDIRECT --to-port 3128
Thoughts?
Daniel
Plus d'informations sur la liste de diffusion WiFiDog