Greetings,
I am trying to determine if there is any way possible I can preserve the real
client IPs so they can be available to me in the log file.
Here is my scenario.
Firewall running Linux, redirects to an internal FreeBSD machine that is
running squid.
iptables -t nat -A PREROUTING -i ethx -s ! squid-box -p tcp --dport 80 -j DNAT --to squid-box:3128
iptables -t nat -A POSTROUTING -o ethx -s local-network -d squid-box -j SNAT --to iptables-box
iptables -A FORWARD -s local-network -d squid-box -i ethx -o ethx -p tcp --dport 3128 -j ACCEPT
The above rules are working fine, except for the fact the logs indicate the
IP address of my internal firewall NIC.
Is there any hope of preserving the real client IP via an iptables rule?
Any help would be appreciated. Thank you.
Received on Sun Mar 07 2004 - 17:15:00 MST