Squid or iptables do not care how many hops away the station is, only which IP addresss they are using.
What I can think of is if your Squid server do not know how where to route the return traffic to those networks. Regards Henrik SSCR Internet Admin wrote: > > I have already set transparent proxying on my squid server, workstations' ip > addresses are masqueraded on iptables and invisibly redirected to squid 3128 > if anyone tries to bypass squid so those workstations are already can > connect to the internet without specifying squid 3128 on their browsers, but > those workstations which are 2 to 3 hops away from my proxy/firewalled > server cant connect to the internet directly or not even redirected to port > 3128 unlike those workstations that are 1 hop away from my server.. whats > happening? is there a bug on iptables or something that i have to tweak on > squid? > > Thanks. > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.463 / Virus Database: 262 - Release Date: 3/17/2003 > > -- > This message has been scanned for viruses and > dangerous contents on SSCR Email Scanner Server, and is > believed to be clean.
