Greetings, I am trying to determine if there is any way possible I can preserve the real client IPs so they can be available to me in the log file.
Here is my scenario. Firewall running linux, redirects to an internal FreeBSD machine that is running squid.

    iptables -t nat -A PREROUTING -i ethx -s ! squid-box -p tcp --dport 80 -j DNAT --to squid-box:3128
    iptables -t nat -A POSTROUTING -o ethx -s local-network -d squid-box -j SNAT --to iptables-box
    iptables -A FORWARD -s local-network -d squid-box -i ethx -o ethx -p tcp --dport 3128 -j ACCEPT

The above rules are working fine, except for the fact the logs indicate the IP address of my internal firewall NIC. Is there any hope of preserving the real client IP via an iptables rule?

Any help would be appreciated. Thank you.
