Squid transparent proxy for outgoing traffic only

I have a Rails server that's a bit API heavy and so I want to run a Squid caching transparent proxy, between all port 80 activity, and the real world. However I don't need incoming traffic to go through that Squid proxy. Eg

Rails -> Squid -> Internet Internet -> Rails 

I can't imagine this is an unusual setup but I can't seem to find any examples of it online. Following transparent Squid tutorials has just ended in all incoming traffic hitting the Squid proxy and outgoing traffic seemingly going straight past it (though I'm not so sure about that).

Here is ifconfig's output. I imagine it will be relevant to any answers.

eth0      Link encap:Ethernet  HWaddr f2:3c:91:ae:33:6b         inet addr:176.58.105.173  Bcast:176.58.105.255  Mask:255.255.255.0       inet6 addr: fe80::f03c:91ff:feae:336b/64 Scope:Link       UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1       RX packets:330029 errors:0 dropped:0 overruns:0 frame:0       TX packets:185242 errors:0 dropped:0 overruns:0 carrier:0       collisions:0 txqueuelen:1000        RX bytes:333723993 (333.7 MB)  TX bytes:34410551 (34.4 MB)       Interrupt:44   lo        Link encap:Local Loopback         inet addr:127.0.0.1  Mask:255.0.0.0       inet6 addr: ::1/128 Scope:Host       UP LOOPBACK RUNNING  MTU:16436  Metric:1       RX packets:684735 errors:0 dropped:0 overruns:0 frame:0       TX packets:684735 errors:0 dropped:0 overruns:0 carrier:0       collisions:0 txqueuelen:0        RX bytes:54837497 (54.8 MB)  TX bytes:54837497 (54.8 MB) 

Replay

I wouldn't bother setting up a transparent proxy. Instead simply run Squid on 127.0.0.1:3128 and then use the Net::HTTP::Proxy stuff for your API calls. Documentation here. I don't recommend pumping everything through a proxy to start, but moving over specific calls until you get comfortable with the setup.

In regards to sizing your Squid cache, if you allocate a cache of 128MB Squid will use roughly 196MB total including the cache and overhead. If you think you're going to get close to the max memory of the machine I'd setup some monitoring of swap space which is usually your best indicator that you've oversubscribed memory.

Category: iptables Time: 2012-05-28 Views: 6

Related post

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development

search

Front-end development

Database

development tools

Open Platform

Javascript development

.NET development

cloud computing

server

Copyright (C) avrocks.com, All Rights Reserved.

processed in 0.108 (s). 12 q(s)