lör 2008-04-19 klockan 10:15 +0530 skrev sekar it: > Hello all, > > I have installed and configured the squid-3.0Stable1 in transparent > mode with following options. > > http_port 3128 transparent > > I have redirected the traffic from my Gateway to Squid box with > following rule. ( x.x.x.sq - squid box IP ) ( x.x.x.gw - gateway ) > -A PREROUTING -s ! x.x.x.sq -d ! x.x.x.gw -i eth0 -p tcp -m tcp > --dport 80 -j DNAT --to-destination x.x.x.sq:3128
It fails becuase your Squid box has no clue that this traffic was intercepted. From what it knows the traffic was directed directly to Squid and that didn't make sense.. Don't NAT the traffic outside the Squid box. Instead use policy routing to get the traffic delivered unaltered to the Squid box. At the Squid box use the REDIRECT target (or DNAT, doesn't really matter as long as it's the same box) to direct the traffic to Squid. Regards Henrik
