[Chilli] Squid transparent proxy on same server

[Isidor Zeuner]

Hi Jason,

> 
> How does it work? ( I could not find any further details on coova's website
> or wiki). Does chilli auto redirect the post-auth user received packets to
> the defined proxy server? Is it only port 80 destination traffic? Thus if
> squid is installed on the same box as coova (and apache), then 127.0.0.1 and
> 3128 would be valid and correct entries?
> 

Yes, the setting causes port 80 traffic to be routed through the
supplied proxy server, plus port 443 traffic if the HS_REDIRSSL is
set.

I have used the "squid on the same box as chilli" scenario with squid
listening on virtual IPs on the 10.0.0.0/8 block (because I had to
have squid distinguish between different configurations based on these
IPs), but I don't see why 127.0.0.1 shouldn't work, too.

> I'm using Coova v1.2.1 and have set the config file proxy settings to
> 127.0.0.1 3128 but am not seeing any client activity in squid's access.log.
> I know squid is working properly, because if I define the proxy in a client
> browser then squid's access.log is recording the relevant entries.
> 

Did you configure squid to run as a transparent proxy? This is most
likely not what you would have if it is used in a browser proxy
setting, but chilli's HS_POSTAUTH_PROXY setting expects a
transparent proxy.

With debug logging enabled, chilli will diagnostics like "rewriting
packet for post-auth proxy..." when using the proxy setting, which
might help to test your configuration.

Best regards,

Isidor