I am also all ears, The transparent proxy without an IP address was my first attempt - but then I succumbed to the pressures of a due date and just eventually assigned an IP address to the bridged interfaces. I suspect that it will have to be done with ip route 2 package - but even the one-way NAT does not make your machine transparent as you need to reply to ARP requests to allow the returning packet to find your machine/application.... PS, could this list please add a reply-to field to just allow me to reply to the list and not to the poster.... (so sorry Benny Amorsen for the other email). Kind Regards Etienne Benny Amorsen wrote: >>>>>> "JL-S" == Julian Lyndon-Smith <asterisk at dotr.com> writes: >>>>>> > > JL-S> So, I changed the ip address to 0.0.0.0. Everything except squid > JL-S> still worked. I presume that's because it does not know how to > JL-S> route the data to get stuff. > > JL-S> Can I add a rule to iptables or something to say "anything > JL-S> that's come from eth1 into the local box, after processing send > JL-S> to eth0" and vice-versa ? > > How about using 127.0.0.1 or something else on the local subnet? > iptables should be able to redirect to that. > > I don't know how you'll get traffic from squid out of the box though. > If you know a way to make squid reuse the original clients address in > the outgoing connection, I'm all ears. > > > /Benny > > > _______________________________________________ > Bridge mailing list > Bridge at lists.osdl.org > https://lists.osdl.org/mailman/listinfo/bridge > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.osdl.org/pipermail/bridge/attachments/20060825/58287b4c/attachment.htm
