I figured out why the rule is not working. The SQUID chain is called in another PREROUTE chain. When you have something set to PREROUTE then the -o (output interface) does nothing. Is it possible to get SQUID to transparent cache without using a PREROUTING chain?
Thanx, Roy -----Original Message----- From: Roy Walker Sent: Tuesday, April 27, 2004 4:56 PM To: '[EMAIL PROTECTED]' Subject: Transparent Proxy iptables rules - Help needed Hello, This is more of an iptables issue, but to get transparent proxy working you need iptables. Here is what I am trying to do: /sbin/iptables -t nat -A SQUID -i eth0 -p tcp -d ! 64.123.34.32/255.255.255.248 --dport 80 -j REDIRECT --to-port 800 -o eth1 If I take the -o off the rule works fine. However, only want traffic from eth0 and destined out eth1 to be proxied except when it is destined for the network specified by the -d. Anyone have any idea what is not right with that? Versions: Kernel 2.4.25 Squid 2.5-stable Iptables 1.2.9 Thanx, Roy
