O.R.Senthil Kumaran a écrit :
> Hello,
> I have a machine which connects directly to internet using ADSL Modem.
> Operating System is Fedora Core 2.
> I want to setup a squid proxy server to test certain scenarios for a
> bug-fix I am working on.

> With this configuration, I am able to Proxy + Cache the requests when
> Browser is set to goofy.goofy.com:3128 ( My local machine, that is the
> same machine).
> But my problem is, I am able to directly connect to Internet also.
> BOTH are working!

Of course.

> I want the connection to Internet happen only through Proxy. I don't
> want Direct Internet connection to work. How do I do that?

So you want squid to act as a transparent proxy for locally generated
HTTP connections.

> I also tried the suggestions with iptables mentioned here:
> http://www.cyberciti.biz/tips/linux-...uid-howto.html
> But that did not help.

This page describes the setup for a transparent proxy on the gateway,
not on the local host. You need iptables to redirect local outgoing HTTP
connections, except those coming from the proxy itself (otherwise it'll
cause an endless loop).

iptables -t nat -A OUTPUT -p tcp --dport 80 \
-m owner ! --uid-owner -j REDIRECT --to-port 3128

or maybe

iptables -t nat -A OUTPUT -p tcp --dport 80 \
-m owner ! --uid-owner -j DNAT --to goofy.goofy.com:3128

where must be replaced with the owner of the squid process. Note
that neither the user nor the process may be named "squid".