On Monday, 06.10.2008, at 10:05 -0500, Jason Voorhees wrote:
> Hi all:
>
> I have a Squid running on 192.168.1.1 listening on 3128 TCP port. Users
> from 192.168.1.0/24 can browse the Internet without problems thanks to a
> REDIRECT rule in my shorewall config.
>
> But users from different networks (192.168.2.0/24, 192.168.3.0/24,
> etc.) can't browse the Internet. Those networks are connected to
> 192.168.1.0/24 via a VPN connection.
>
> My redirect rule in iptables syntax is like this:
>
> iptables -t nat -A PREROUTING -s 0.0.0.0/24 -i eth2 -p tcp --dport 80 -j
> REDIRECT --to-ports

I think the end of the tunnel from the VPN is not the device eth2. The tunnel
normally ends at a bridge (br#) or a virtual device (like tun# or tap#).
IMHO you must create the same redirect rule for the VPN device.

> Is there a restriction to work transparent proxy for other networks
> different from 192.168.1.0/24? Do I have to configure squid to listen on
> each range of network addresses?
>
> Thanks

Not sure, but I think that's the way.

Sascha
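As an added example (not part of the original thread): a shell check of the point made in the reply, that a PREROUTING rule bound to `-i eth2` does not match traffic arriving on the VPN device. It reads rules in `iptables-save` format and lists the ingress interfaces that have no port-80 REDIRECT; `tun0`, the function names and the sample rule set are assumptions constructed for illustration, and 3128 is the Squid port from the post.

```shell
#!/bin/sh
# Constructed sample in iptables-save format: only eth2 carries the redirect.
# tun0 is an ASSUMED name for the VPN device; 3128 is the Squid port from the post.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth2 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT'

# missing_redirect IFACE...  (rule set on stdin, iptables-save format)
# Prints every listed ingress interface that has no PREROUTING rule
# redirecting TCP port 80. A rule without -i applies to all interfaces,
# and a trailing "+" (e.g. tun+) is the iptables interface-name wildcard.
missing_redirect() {
    rules=$(cat)
    for ifc in "$@"; do
        printf '%s\n' "$rules" | awk -v ifc="$ifc" '
            $1 == "-A" && $2 == "PREROUTING" {
                in_if = ""; dport = ""; target = ""
                for (i = 3; i < NF; i++) {
                    if ($i == "-i")      in_if  = $(i + 1)
                    if ($i == "--dport") dport  = $(i + 1)
                    if ($i == "-j")      target = $(i + 1)
                }
                n = length(in_if)
                wild = (n > 1 && substr(in_if, n) == "+" &&
                        index(ifc, substr(in_if, 1, n - 1)) == 1)
                if (dport == "80" && target == "REDIRECT" &&
                    (in_if == "" || in_if == ifc || wild)) found = 1
            }
            END { exit (found ? 0 : 1) }
        ' || printf '%s\n' "$ifc"
    done
}

# redirect_rule IFACE PORT
# Emits the same redirect rule for one more ingress device, as the reply suggests.
redirect_rule() {
    printf '%s\n' "-A PREROUTING -i $1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports $2"
}
```

On a live host the input would come from `iptables-save -t nat`, with the interface list taken from the actual routing setup.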

