squid-windows icon indicating copy to clipboard operation
squid-windows copied to clipboard

Published 20 hours ago verified publisher icon diladele

Is it possible to use transparent Squid on Windows?

Open ra-at-diladele-com opened this issue 9 years ago • 10 comments

"... currently use Windows 64bit 8.1 with 2 NIC, 1 with free internet access and other releasing access to LAN, squid 2.7.STABLE8. To redirect all traffic from port 80 to the squid, I'm using (SoftPerfect Bandwidth Manager 3.0.9 Full). My squid is in transparent mode (squid.conf with the line "http_port 3128 transparent") ..."

Need to check if this can be done with 3.5 build.

ra-at-diladele-com avatar Feb 10 '15 08:02 ra-at-diladele-com

Not currently possible.

See here: https://groups.google.com/forum/#!topic/quintolabs-content-security-for-squid-proxy/zEkabckH1S8

itskvad avatar Feb 11 '15 00:02 itskvad

Hi.

Any news for that? I am still using 2.7.STABLE8 because of that.

I also need transparent proxy. It is possible to enable it?

Thanks a lot.

tobiastromm avatar May 04 '17 01:05 tobiastromm

Hi @tobiastromm what windows version are you using in transparent mode for 2.7.STABLE8? I 've came across lot of discussions, and ends up here: http://lists.squid-cache.org/pipermail/squid-users/2017-May/015184.html

I am also looking for a transparent squid proxy solution for windows.

leiwen0614 avatar Jan 08 '18 06:01 leiwen0614

Hi @leilei8814.

You can download this Squid version here: http://squid.acmeconsulting.it/download/dl-squid.html

The diladele squid don't accept transparent proxy : ( I already send a mail for diladele...

If I can help you just mail me.

tobiastromm avatar Jan 08 '18 15:01 tobiastromm

Hi @tobiastromm thanks for your replay. May I ask what windows version are you using? we have to stick with windows server 2016.

leiwen0614 avatar Jan 08 '18 19:01 leiwen0614

Windows Server 2008 R2, but I think it can work with Server 2016.

tobiastromm avatar Jan 08 '18 19:01 tobiastromm

FYI: To those of you staying with Squid 2.7 because it allowed "transparent" to be configured. Please be aware that Squid-2 does not actually do what "transparent" is supposed to do. It simply ignores the NAT failures and opens your network to malware hiding behind the CVE-2009-0801 issues.

yadij avatar Aug 15 '18 14:08 yadij

"Transparent" working ok! Just set to ssl-bump, then redirect from server/gateway/machine from 80/443 to squid port.

ssteeltm avatar Feb 07 '19 15:02 ssteeltm

@ssteeltm if that alone works your Squid is broken. See my last comment. Windows lacks a way to get the mandatory NAT information from the OS to Squid. The PROXYv2 protocol is an attempt to work around this issue, but is not supported by most NAT systems.

yadij avatar Feb 08 '19 02:02 yadij

"Transparent" working ok!

Just set to ssl-bump, then redirect from server/gateway/machine from 80/443 to squid port.

你是如何做到的啊……能讲述下您的squid版本以及您的配置文件吗?ssl-bump如何配置

omaidb avatar May 21 '22 07:05 omaidb