Re: [squid-users] Transparent Squid with Check Point FW-1

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sat, 30 Mar 2002 17:25:24 +0100

Simon White wrote:

> I am using SRV_REDIRECT, and the firewall logs tell me that packets are
> redirecting to the Squid machine OK... but I can't surf, and I see nothing
> in access.log.

Should work..

Any hints if you run "tcpdump -n" on the Squid box?

Does the Squid box know how to route packets back to the original client
properly?

> iptables -t nat -A POSTROUTING -o eth0 -s local-network -d squid-box \
> -j SNAT --to iptables-box

Don't do this. It breaks HTTP/1.0 clients. (more specifically clients
not sending Host: headers).

There are other ways to accomplish the redirection. The preferred one is
tunneling, but you can also use stateful routing to route all of the TCP
session including ICMP..
Received on Sat Mar 30 2002 - 09:55:55 MST
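
Added example, not part of the original message and not Squid's own code: a minimal Python sketch of how an intercepting proxy can work out which origin server a redirected request was meant for, showing why a request without a Host: header becomes unroutable once NAT on another box has replaced the packet's addresses. The function names, the `original_dst` parameter and the sample requests are constructed for illustration, and it assumes the breakage described above is the loss of the original destination address.

```python
from typing import Dict, Optional, Tuple


def parse_request(raw: bytes) -> Tuple[str, str, str, Dict[str, str]]:
    """Split a raw HTTP request head into method, target, version, headers."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    method, target = parts[0], parts[1]
    version = parts[2] if len(parts) > 2 else "HTTP/0.9"
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, version, headers


def origin_url(raw: bytes,
               original_dst: Optional[Tuple[str, int]] = None) -> Optional[str]:
    """Rebuild the absolute URL of an intercepted request.

    original_dst is the (ip, port) the client actually connected to. It is
    only known when the packet reaches the proxy with its addresses intact
    (hypothetical parameter; after NAT on a separate box the proxy sees its
    own address as the destination, so the caller has nothing to pass).
    """
    _method, target, _version, headers = parse_request(raw)
    host = headers.get("host")
    if host:                      # HTTP/1.1 and most HTTP/1.0 clients
        return f"http://{host}{target}"
    if original_dst is not None:  # fall back to the packet's destination
        ip, port = original_dst
        authority = ip if port == 80 else f"{ip}:{port}"
        return f"http://{authority}{target}"
    return None                   # no Host: and no address: cannot forward


# Constructed sample requests.
WITH_HOST = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
NO_HOST = b"GET /index.html HTTP/1.0\r\nUser-Agent: constructed\r\n\r\n"

if __name__ == "__main__":
    print(origin_url(WITH_HOST))                    # Host: header is enough
    print(origin_url(NO_HOST, ("192.0.2.10", 80)))  # addresses preserved
    print(origin_url(NO_HOST))                      # addresses lost to NAT
```
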
