Posted on 2007-10-01
Last Modified: 2010-03-17
how to disable proxy in squid 2.6 STABLE10
Question by:askar73
    LVL 19

    Expert Comment

    /etc/init.d/squid stop
    chkconfig squid off
    LVL 13

    Expert Comment

    The whole point of squid is to proxy http traffic.  There is no actual way within squid to stop proxying requests.  Alextoft's solution will do exactly what you need unless you have iptables rules redirecting traffic in which case you will need to delete these rules and put in a masqurade rule.
    LVL 19

    Expert Comment

    if you are using transparent caching, then you can just add a rule to your iptables to not forward that source ip to squid:
    iptables -I PREROUTING -t nat -s IP.THAT.WILLBE.DIRECT -p tcp --dport 80 -j ACCEPT

    if what you do not want is caching but proxy, or whatever else:

    Author Comment

    I Just want to use squid as a transparent proxy which will authenticate every source ip through my firewall and no one should use proxy setting to by pass the route.In squid 2.4 there is an option called httpd_accel_with_proxy to disable proxy but in squid 2.6 there is no option called httpd_accel_with_proxy.Is there any other way to disable proxy in squid 2.6?!
    LVL 19

    Expert Comment

    I remember disabling direct access to squid with
    iptables -A PREROUTING -t nat -s localnetwork/24 -p tcp --dport 3128 -j DROP

    being before the redirect rule to squid... you could give it a try
    LVL 19

    Accepted Solution

    Hi askar73

    I figured out what you were asking. please check this

    the other way I disabled direct connections to the proxy was

    #Assuming eth0 is the local interfase:
    # disable direct connection to port 3128
    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3128 -j DROP
    # now redirecting anything going to port 80 to 3128. it works!
    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

    that way direct connections do not work, while transparent redirects do. is that what you asked?
    LVL 1

    Expert Comment

    Forced accept.

    EE Admin

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Join & Write a Comment

    I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
    Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now