It's that time of year again, and I'm working on setting up a temporary CentOS box to act as a proxy for SOME websites (not all) in our corporate environment Monday morning (Ok, Sunday is April 1st, but Monday is close enough, right?)!
I've never used Squid before, but my IT Director and I believe this is a worthy scenario to use it. The goal: flip images of SOME websites upside down within our corporate environment.
Per This Ubuntu How-to, I have installed Squid, Apache, and ImageMagick onto a fresh base install of CentOS 6.
I've copied and pasted the contents of flip.pl into /usr/local/bin and verified all files permissions. I then went into our Windows DNS server and added my own personal website (for testing purposes) to get those requests sent to the new proxy server.
Squid is running on its default port of 3128, and apache is running on its default port of 80. Since DNS (for the test URL) is set to point to this CentOS box, I've edited its own /etc/hosts to point the URL to the correct IP address so that Squid & Apache to get the content.
So now I'm to the testing phase. I'm going to the website testurl.com:3128, and it... times out. We will use the router's IP Tables to redirect traffic on the day of, but for now, I am just using the browser's URL to identify Squid's port, as you can see here.
I've verified (when I ping it) that it hits the CentOS box running Squid/Apache. I've also verified that there's a rule in this box's IP Tables to allow port 3128 and port 80:
[root@centos6 squid]# cat /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3128 -j ACCEPT
I do see this in Squid's cache log:
2012/03/30 16:33:26| WARNING: Forwarding loop detected for: GET / HTTP/1.1^M Host: www.my-test-url.com:3128
What do you suppose I am doing wrong or missing? Any ideas how we can accomplish this?
You want to setup a transparent proxy where your firewall is redirecting requests to the Squid server.