Hi,

Here is quick info on my environment -
I have a CentOS 5.3 box serving as firewall/gateway/router.
It has two interfaces
eth0 - public internet IP
eth1 - internal network IP (10.9.32.1)

The server hands out DHCP to all clients, and the server is the gateway.

I have installed squid proxy, and configured it to allow the local subnet,
and added transparent option.

I added this to my iptables
# http proxy redirect
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.9.32.1:3128
-A POSTROUTING -o eth0 -j MASQUERADE

The transparent caching now appears to work. However I came across this
article which says this: "WARNING: This method of interception is not
recommended. There are other methods such as Proxy.PAC and http_proxy
environment variable which are as effective and less intrusive when multiple
clients are involved."
http://wiki.squid-cache.org/ConfigExamples/Intercept/AtSource

So I am trying to find the better way to do this. This is what I have come
up with so far but does not seem to be working:
-A PREROUTING -i eth0 -p tcp --dport 80 -j ACCEPT
-A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
-A POSTROUTING -o eth0 -j MASQUERADE

Is this correct? Does anyone have better suggestions on how to do this?

Thanks.
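
The wiki warning quoted above names Proxy.PAC as an alternative to interception. A PAC file for this network follows as an added example that is not part of the original post; 10.9.32.1:3128 comes from the DNAT rule, while the /24 mask and the choice to proxy only http:// URLs are assumptions.

```javascript
// Added example PAC file. Assumptions: the internal subnet is 10.9.32.0/24
// (the mask is not stated in the post) and Squid listens on 10.9.32.1:3128.
var PROXY = "PROXY 10.9.32.1:3128";

// True when host is a dotted-quad address inside 10.9.32.0/24 (assumed mask).
function isInternalAddress(host) {
  var m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return false;
  for (var i = 1; i <= 4; i++) {
    if (Number(m[i]) > 255) return false; // reject malformed octets
  }
  return Number(m[1]) === 10 && Number(m[2]) === 9 && Number(m[3]) === 32;
}

// Entry point the browser calls for every request.
function FindProxyForURL(url, host) {
  host = host.toLowerCase();
  // Unqualified names and loopback never go through the proxy.
  if (host.indexOf(".") === -1 || host === "127.0.0.1") return "DIRECT";
  // Hosts on the internal subnet are reached directly.
  if (isInternalAddress(host)) return "DIRECT";
  // Only port-80 HTTP was intercepted in the post, so only http:// is proxied.
  // No "; DIRECT" fallback: if Squid is down, HTTP fails instead of bypassing it.
  if (url.substring(0, 5) === "http:") return PROXY;
  return "DIRECT";
}
```

A PAC file is advisory: a client that ignores it still reaches port 80 directly unless the gateway's forwarding rules prevent that.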

