You most likely should not have that SNAT rule in there. If you want
Squid to use a specific outgoing address then set this up by routing, or
if not possible by routing then use the tcp_outgoing_address directive
in squid.conf.
Regards
Henrik Nordström
Squid Developer
steve.fawcett1@btinternet.com wrote:
>
> Hi
>
> I have followed the informative guide http://www.linuxdoc.org/HOWTO/mini/TransparentProxy.html and am unable to make squid act as a transparent proxy. I am using Mandrake 8.1 with Squid-2.4STABLE1-8.1mdk. I checked the source RPM and it looks like it was configured with the --enable-linux-netfilter option. Squid works fine if I manually put the IP/port into the browser's proxy section.
>
> Output of iptables -t nat -L:
>
> Chain PREROUTING (policy ACCEPT)
> target prot opt source destination
> REDIRECT tcp -- anywhere anywhere tcp dpt:http redir p
> orts 3128
>
> Chain POSTROUTING (policy ACCEPT)
> target prot opt source destination
> SNAT all -- anywhere anywhere to:217.35.153.87
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> Could anyone please offer any advice on how to test iptables to see if it is doing what it should be?
>
> Many thanks in advance
> Steve
Received on Mon Mar 25 2002 - 20:20:52 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:05 MST