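I set up a transparent proxy with squid + iptables. QQ works normally, but when I visit web pages the site name gets filtered out, so the pages cannot be opened. An example follows:
If I try to visit http://news.sina.com.cn/c/2005-03-19/05046128436.shtml , the following message appears: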
ERROR
The requested URL could not be retrieved
--------------------------------------------------------------------------------
While trying to retrieve the URL: /c/2005-03-18/23266127257.shtml
The following error was encountered:
Invalid URL
Some aspect of the requested URL is incorrect. Possible problems:
Missing or incorrect access protocol (should be `http://'' or similar)
Missing hostname
Illegal double-escape in the URL-Path
Illegal character in hostname; underscores are not allowed
Your cache administrator is root.
--------------------------------------------------------------------------------
Generated Sat, 19 Mar 2005 00:52:10 GMT by 192.168.1.1 (squid/2.5.STABLE3)
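Some people say it is a DNS problem, but the same thing happens when I enter sites that are accessed by IP address. If I do not use the transparent proxy and enter the proxy address directly in IE, there is no error.
Server: eth0 is the external NIC, eth1 is the internal NIC. 192.168.1.1 is the proxy server address.
Client: IP 192.168.1.9
Netmask 255.255.255.0
Gateway 192.168.1.1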
DNS 210.36.247.77
202.103.224.68
**************firewall**********************
echo "starting ip forward"
echo 1 >/proc/sys/net/ipv4/ip_forward
echo "starting iptables rules"
modprobe ip_tables
modprobe ip_nat_ftp
/sbin/iptables -F -t nat
#Redirect all packets for port 80 to port 3128
/sbin/iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
#Masquerade traffic leaving through eth0
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
*********************squid.conf***************
#Open port 3128
http_port 192.168.1.1:3128
#Cache memory size
cache_mem 64 MB
#Cache directory and size
cache_dir ufs /var/squid/cache 120 16 256
#Allow all machines in the Internet cafe to access
acl all src 0.0.0.0/0
http_access allow all
#User and group that squid runs as
cache_effective_user squid
cache_effective_group squid
#HTTP accelerator port setting, used by the transparent proxy
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
visible_hostname 192.168.1.1
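The error page above reports a path-only URL, which is what a browser puts on the request line when it does not know a proxy is in the path; the hostname then travels only in the Host header, whereas a browser configured with an explicit proxy sends the full http:// URL. The following is an added example, not part of the original post and not Squid's code: the function `effective_url`, its `intercept_aware` flag and the sample requests are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Letters, digits, dots and hyphens, optional port. Underscores are rejected,
# matching the "Illegal character in hostname" line of the error page.
# The Host header is client-supplied, so it is validated before use.
HOST_RE = re.compile(r"^[A-Za-z0-9.-]+(:\d{1,5})?$")


class InvalidURL(ValueError):
    """No absolute URL could be derived from the request."""


def effective_url(raw_request: bytes, intercept_aware: bool) -> str:
    """Return the absolute URL a proxy would fetch for one HTTP request.

    intercept_aware=False models a proxy that only accepts absolute-form
    request lines; True models rebuilding the URL from the Host header.
    """
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    request_line, *header_lines = head.split("\r\n")
    _method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()

    parts = urlsplit(target)
    if parts.scheme and parts.netloc:
        return target  # absolute-form: explicit proxy configured in the browser
    if not intercept_aware:
        raise InvalidURL(f"missing protocol or hostname: {target!r}")
    host = headers.get("host", "")
    if not HOST_RE.match(host):
        raise InvalidURL(f"missing or illegal Host header: {host!r}")
    return f"http://{host}{target}"


# Constructed sample requests for the URL quoted in the post.
PATH = "/c/2005-03-19/05046128436.shtml"
EXPLICIT = f"GET http://news.sina.com.cn{PATH} HTTP/1.1\r\nHost: news.sina.com.cn\r\n\r\n".encode()
INTERCEPTED = f"GET {PATH} HTTP/1.1\r\nHost: news.sina.com.cn\r\n\r\n".encode()

if __name__ == "__main__":
    print(effective_url(EXPLICIT, intercept_aware=False))
    print(effective_url(INTERCEPTED, intercept_aware=True))
    try:
        effective_url(INTERCEPTED, intercept_aware=False)
    except InvalidURL as exc:
        print("Invalid URL:", exc)
```

Squid 2.5's documented transparent-proxy setup pairs the three `httpd_accel_*` lines above with `httpd_accel_host virtual`, a directive that does not appear in the posted squid.conf.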