On a bridge setup, I want to filter http traffic transparently through Squid. br0 bridge is between eth0 and eth1. In the bridged traffic there are some tagged VLANs. When I run tcpdump on br0 I see all the traffic from VLANs. At this point a DNAT (VLAN10Subnet - Any - http => Original - Localhost - 8080) does not work. When enabled VLANs by vconfig: vconfig add br0 26 I see br0.26 interface in ifconfig output. And DNAT is working. When I DNAT the traffic into port 8080 on localhost to Squid, I see that Squid gets the traffic and logs it into the log file. However, proxying will not happen. Reply can not be delivered to the original requester. We broke the connection. On the user side, HTTP traffic is cut. I think the problem is not having any IP on br0.26 from VLAN10Subnet. Because whole C class is divided into subnets of 255.252 having 2 usable IP address and both are used. Do you have any other idea on identifiying the problem? If you think the problem is what I see, how can I overcome this? Best Regards, Oguz. -- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
