On Tue, Nov 07, 2006 at 02:01:00PM -0800, Dave_Thomas mailing lists wrote: > Why not run squid on port 80 and httpd on 3128? I don't see the need for > routing.
I'd still need the transparent redirection (which, BTW, I got working) For the archives, the rules I wound up using: ## Redirect all port 80 traffic to Squid caching server $IPTABLES -t nat -A PREROUTING -i eth1 -s ! 192.168.2.231 -d ! 10.3.3.0/24 -p tc p --dport 80 -j DNAT --to 192.168.2.231:3128 $IPTABLES -t nat -A POSTROUTING -o eth1 -s 192.168.2.0/24 -d 192.168.2.231 -j SN AT --to 192.168.2.1 $IPTABLES -A FORWARD -s 192.168.2.0/24 -d 192.168.2.231 -i eth1 -o eth1 -p tcp - -dport 3128 -j ACCEPT All I need now is some Squid reporting tool to make me some nice reports about who's visiting what web pages and for how long ;-) Oh, and while I'm at it, I better exempt myself and my officemate from the reporting! :-D -- *********************************************************************** * John Oliver http://www.john-oliver.net/ * * * *********************************************************************** -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
