Re: [squid-users] [help] setting up firewall policy for transparent (single-homed host) proxy

From: Indunil Jayasooriya <indunil75@dont-contact.us>
Date: Mon, 14 Jan 2008 12:04:09 +0530

> on your squid box,
> pls add below rule.
>
> iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j
> REDIRECT --to-port 3128

Where did you add below SNAT rule? On squid box or iptables box ?
it should be added to iptables box. NOT to SQUID box.

> in addition to that, Your squid box needs a SNAT rule , if it is
> behind the SNATed networlk. Pls add it to iptables box.

> rule like below. 1.2.3.4 is the external ip of iptables firewall box and ip address
> 192.168.101.1 is the ip address of squid box. pls change it
> accordingly
>
> iptables -t nat -A POSTROUTING -o eth0 -s 192.168.101.1 -j SNAT
> --to-source 1.2.3.4

-- 
Thank you
Indunil Jayasooriya
Received on Sun Jan 13 2008 - 23:34:12 MST

This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:04 MST