Additionally, using the basic directions to set up a manual proxy is not enough and the proxy never works. Do I need two NICs for this? The documentation is very sparse and, in the case of v7, nonexistent – http://docs.nethserver.org/projects/nethserver-devel/en/v7/web_proxy.html as seen here.
Steps to replicate:
Install fresh from 1611 ISO.
Select the ‘web proxy’ checkmark and apply from the list of available software.
Allow to install, and complete.
Set proxy to manual from the web proxy section (bottom of the menu at left), and apply.
Get failure as above from the applications/lightsquid section.
Redirect a browser/OS to use the proxy server and it will not answer the browser.
Nmap reports that the port (3128) is open.
Access.log is empty, despite having just tested. Cache.log refers to a logswitch, though there’s no other files than cache.log(date).gz. The contents there: http://i.imgur.com/z3SenjM.png
Squid.out has 3 error messages, all the same: Warning: empty ACL: acl no_cache dstdomain “/etc/squid/acls/no_cache.acl”
After further testing, it seems that it works on the same segment as the nethserver, but requests from a different network segment are ignored by neth.
I disabled iptables and now:
1500923707.266 0 10.10.14.228 TCP_DENIED/403 3693 CONNECT www.google.com:443 - HIER_NONE/- text/html
Which leads me to suspect that the ACLs aren’t open enough for multiple networks.
So, basically, on a default configuration, the neth squid implementation is only valid for one local network.
Except that you cannot. Because the 10.10.10.0/24 network is already there, and unable to be removed through the web UI, it does not allow 10.10.0.0/16.