I figured out why the rule is not working. The SQUID chain is called in
another PREROUTE chain. When you have something set to PREROUTE then
the -o (output interface) does nothing. Is it possible to get SQUID to
transparent cache without using a PREROUTING chain?
Thanx,
Roy
-----Original Message-----
From: Roy Walker
Sent: Tuesday, April 27, 2004 4:56 PM
To: 'squid-users@squid-cache.org'
Subject: Transparent Proxy iptables rules - Help needed
Hello,
This is more of an iptables issue, but to get transparent proxy working
you need iptables.
Here is what I am trying to do:
/sbin/iptables -t nat -A SQUID -i eth0 -p tcp -d !
64.123.34.32/255.255.255.248 --dport 80 -j REDIRECT --to-port 800 -o
eth1
If I take the -o off the rule works fine. However, only want traffic
from eth0 and destined out eth1 to be proxied except when it is destined
for the network specified by the -d. Anyone have any idea what is not
right with that?
Versions:
Kernel 2.4.25
Squid 2.5-stable
Iptables 1.2.9
Thanx,
Roy
Received on Tue Apr 27 2004 - 16:43:41 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:03 MDT