[Chilli] Squid transparent proxy on same server

Isidor Zeuner chilli at quidecco.de
Thu Apr 15 09:32:01 UTC 2010

Hi Jason,

> How does it work? ( I could not find any further details on coova's website
> or wiki). Does chilli auto redirect the post-auth user received packets to
> the defined proxy server? Is it only port 80 destination traffic? Thus if
> squid is installed on the same box as coova (and apache), then and
> 3128 would be valid and correct entries?

Yes, the setting causes port 80 traffic to be routed through the
supplied proxy server, plus port 443 traffic if the HS_REDIRSSL is

I have used the "squid on the same box as chilli" scenario with squid
listening on virtual IPs on the block (because I had to
have squid distinguish between different configurations based on these
IPs), but I don't see why shouldn't work, too.

> I'm using Coova v1.2.1 and have set the config file proxy settings to
> 3128 but am not seeing any client activity in squid's access.log.
> I know squid is working properly, because if I define the proxy in a client
> browser then squid's access.log is recording the relevant entries.

Did you configure squid to run as a transparent proxy? This is most
likely not what you would have if it is used in a browser proxy
setting, but chilli's HS_POSTAUTH_PROXY setting expects a
transparent proxy.

With debug logging enabled, chilli will diagnostics like "rewriting
packet for post-auth proxy..." when using the proxy setting, which
might help to test your configuration.

Best regards,


More information about the Chilli mailing list