lör 2008-04-19 klockan 10:15 +0530 skrev sekar it:
> Hello all,
>
> I have installed and configured the squid-3.0Stable1 in transparent
> mode with following options.
>
> http_port 3128 transparent
>
> I have redirected the traffic from my Gateway to Squid box with
> following rule. ( x.x.x.sq - squid box IP ) ( x.x.x.gw - gateway )
> -A PREROUTING -s ! x.x.x.sq -d ! x.x.x.gw -i eth0 -p tcp -m tcp
> --dport 80 -j DNAT --to-destination x.x.x.sq:3128
It fails becuase your Squid box has no clue that this traffic was
intercepted. From what it knows the traffic was directed directly to
Squid and that didn't make sense..
Don't NAT the traffic outside the Squid box. Instead use policy routing
to get the traffic delivered unaltered to the Squid box.
At the Squid box use the REDIRECT target (or DNAT, doesn't really matter
as long as it's the same box) to direct the traffic to Squid.
Regards
Henrik
Received on Tue Apr 22 2008 - 12:43:37 MDT
This archive was generated by hypermail 2.2.0 : Thu May 01 2008 - 12:00:04 MDT