I have installed squid v3.3.8 on CentOS 7 that has two interfaces as follows:
internal
interface: ens32
external
interface: ens33 > masquerade is enabled here
First of all, I enabled IPv4 forwarding:
sysctl -w net.ipv4.ip_forward=1
I want to be able to put ens32 IP address in my browser with port 3128 and be able to access internet, whether ftp, http or https. To honest, I need to make all traffic types allowed later on, but block some websites because some apps I use need tcp/udp traffic on different ports.
I added firewalld rule:
firewall-cmd --permanent --zone=internal --add-service=squid
I can telnet ens32 IP on port 3128!
As an unlucky beginning I left squid.conf as is, but added "intercept" after http_port 3128 to force traffic from ens32 to ens33. When I try to access internet from my browser, I always get the following:
The following error was encountered while trying to retrieve the URL: http://www.whatever.com
Access Denied.
Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
Your cache administrator is root.
I also don't know how to correctly create necessary firewalld rules in order to forward requests received on ens32 to ens33. All tutorials I read were using iptables, what I really want to use is firewalld. I am new to the whole linux world, I never studied iptables in the past.
I first need to make http requests work first, then I continue with the rest.
thanks in advance