Enhancement #2072

Squid: add bypass rules for trasparent proxy

Added by Giacomo Sanchietti about 8 years ago. Updated almost 8 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-squid
Target version:v6.4-beta2
Resolution: NEEDINFO:No

Description

Implement bypass of transparent proxy.
The user should be able to define a list of ip which can directly access the web without been proxied.

The rule should be local to Squid configuration.


Related issues

Related to Nethgui - Enhancement #2073: TableController: support empty rows (keys only) CLOSED 08/29/2013 08/30/2013
Related to NethServer 6 - Bug #2111: Proxy: web traffic is blocked when Squid is disabled and ... CLOSED

Associated revisions

Revision bc5a9dd5
Added by Giacomo Sanchietti about 8 years ago

tcrules template, db defaults: add bypass rules. Refs #2072

Revision 72379f0d
Added by Davide Principi almost 8 years ago

TabularValueAdapter: added degraded test (rows with no props). Refs #2072

Revision 3955b10d
Added by Davide Principi almost 8 years ago

TableAdapter: added test case. Refs #2072

Revision 8eae0cca
Added by Davide Principi almost 8 years ago

Proxy UI module: added Bypass submodule. Refs #2072

Revision de04aad7
Added by Giacomo Sanchietti almost 8 years ago

web ui: call nethserver-squid-save after bypass rules modification. Refs #2072

History

#1 Updated by Giacomo Sanchietti about 8 years ago

  • Status changed from NEW to TRIAGED
  • % Done changed from 0 to 20

#2 Updated by Giacomo Sanchietti about 8 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#3 Updated by Giacomo Sanchietti about 8 years ago

Added Bypass property to squid key. The new property contains a list of ip address which will be excluded from transparent proxy.

Example:

squid=service
    Bypass=192.168.1.22,192.168.1.24
    Mode=transparent
    NoCache=
    ParentProxy=
    Runlevels=2,3,4,5
    TCPPort=3128
    TCPPorts=3128,3129,3130
    status=enabled

#4 Updated by Giacomo Sanchietti almost 8 years ago

  • Description updated (diff)

#5 Updated by Davide Principi almost 8 years ago

Added the Bypass submodule in nethserver-squid|8eae0cc

#6 Updated by Giacomo Sanchietti almost 8 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#7 Updated by Giacomo Sanchietti almost 8 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
New package in nethserver-testing:
  • nethserver-squid-1.0.3-5.0gitbf99ef2d.ns6.noarch.rpm
Test case
  • Enable transparent proxy, check clients are using Squid to access web pages (see /var/log/squid/access.log)
  • Add an IP to bypass list, check the given IP is no more using Squid (no entries in /var/log/squid/access.log)

See also #2111

#8 Updated by Davide Principi almost 8 years ago

Packager note

This modification must be released after enhancement #2073, delivered by RPMs:
  • nethserver-nethgui-1.2.3-11.0git06fa2052.ns6.noarch.rpm
  • nethserver-httpd-admin-1.0.5-2.0git1ca852bd.ns6.noarch.rpm

#9 Updated by Davide Principi almost 8 years ago

  • Assignee set to Davide Principi

#10 Updated by Davide Principi almost 8 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 70 to 90

VERIFIED

    # rpm -qa | grep ^neth | sort
nethserver-base-1.4.1-12.0gitce7f7f4e.ns6.noarch
nethserver-firewall-base-1.0.5-1.ns6.noarch
nethserver-grub-1.0.1-1.ns6.noarch
nethserver-httpd-admin-1.0.5-2.0git1ca852bd.ns6.noarch
nethserver-lib-1.3.1-1.0git2f4e0795.ns6.noarch
nethserver-nethgui-1.2.3-12.0git5b9e9170.ns6.noarch
nethserver-ntp-1.0.4-1.ns6.noarch
nethserver-openssh-1.0.2-3.0git38f86fc0.ns6.noarch
nethserver-php-1.1.0-1.ns6.noarch
nethserver-release-6.4-3.0gite4f69d31.ns6.noarch
nethserver-shorewall-1.0.1-3.0git29edddbd.ns6.noarch
nethserver-smartd-1.0.0-1.ns6.noarch
nethserver-squid-1.0.3-5.0gitbf99ef2d.ns6.noarch
nethserver-yum-1.1.1-1.ns6.noarch

#11 Updated by Giacomo Sanchietti almost 8 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
In nethserver-updates:
  • nethserver-squid-1.0.4-1.ns6.noarch.rpm

Also available in: Atom PDF