# TRANSPARENT WEB-CACHING USING NETFILTER, IPROUTE2 AND SQUID.

 --IMPLEMENTATION-- 
ADDRESSES USED

10.0.0.1  [ netfilter iptables gateway server]
10.0.0.2  [ ICG Squid server]
10.0.0.3  [ Main Cisco router]
10.0.0.4  [ Ldap Server]
10.0.0.5  [ Ras]


	----------------\
	NETWORK DIAGRAM \
	----------------\

		INTERNET
		|
		[Cisco router 10.0.0.3]
		|
	------HUB/SWITCH------------------------------------------------------------------------
	|			|		|			|			|
	|			|		|			|			Etc.
	Netfilter		ICG		Ldap			RAS
	Iptables		Squid		Server			[ip=10.0.0.5]		[gw=10.0.0.1]
	Gateway 		Server		[ip=10.0.0.4]		[gw=10.0.0.1]
	Server			[ip=10.0.0.2]	[gw=10.0.0.1]		
[ip=10.0.0.1]			[gw=10.0.0.3]
[gw=10.0.0.3]


### REDIRECT PORT 80 TRAFFIC TO PORT 3128 ON MY SQUID SERVER

ICG-Squid #-> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

### POLICY ROUTING WITH IPROUTE2 AND IPTABLES ON NETFILTER IPTABLES SERVER

IPTABLES-NETFILTER #->	iptables -A PREROUTING -i eth0 -t mangle -p tcp --dport 80 -j MARK --set-mark 2

IPTABLES-NETFILTER #->  echo 202 www.out >> /etc/iproute2/rt_tables

IPTABLES-NETFILTER #->  ip rule add fwmark 2 table www.out

IPTABLES-NETFILTER #->  ip route add default via 10.0.0.2 dev eth0 table www.out

IPTABLES-NETFILTER #->  ip route flush cache

### DISABLE ICMP REDIRECTS
IPTABLES-NETFILTER #-> echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
IPTABLES-NETFILTER #-> echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
IPTABLES-NETFILTER #-> echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects

### SETUP IS COMPLETED ..NOW CHECK THE CONFIGURATION
IPTABLES-NETFILTER #-> iptables -t mangle -L
IPTABLES-NETFILTER #-> ip rule ls
IPTABLES-NETFILTER #-> ip route list table www.out
IPTABLES-NETFILTER #-> ip route ls