That rule should work fine, make sure you compiled squid with: ./configure --enable-linux-netfilter But for more usefull info :) Here is a nice HOW-TO http://en.tldp.org/HOWTO/TransparentProxy.html On Friday 27 February 2004 02:48, Tomasz Macioszek wrote: > Hello! > I have a Linux server acting as a gateway between internal network and > internet. The iptables rule set have been working good for long time. > I have configured squid on this server. When I have set internal network > client to use directly proxy server it has worked properly. But when I have > set iptable to redirect all http traffic to squid port (3128) it didn't > work (transparent proxy). > This is my iptable rule: > iptables -t nat -A PREROUTING -p TCP --dport 80 -j REDIRECT --to-port 3128 > I think that all options in my kernel are set properly. > I don't know why it doesn't work > I set tcpdump to listen on 3128 port and when client tried to connect to > web server on port 3128 showed only first IP package of this connection > and connections failed. > Could you send me a solution for this problem? > Best regards > Tomek -- _,.-:*"``'*:-.,_,.-:*"``'*:-.,_,.-:*"``'*:-.,_,.-:*"``'*:-.,_,.-:*"``'*:-.,_ Daniel Fairchild - Chief Security Officer | danielf@xxxxxxxxxxxxxxx The distance between nothing and infinity is always the same no matter how close you get to nothing.
