On Monday 19 July 2004 10:44 am, Joshua N Pritikin wrote: > On Mon, Jul 19, 2004 at 09:51:37AM +0100, Antony Stone wrote: > > On Monday 19 July 2004 3:00 am, Joshua N Pritikin wrote: > > > On Sun, Jul 18, 2004 at 06:44:22PM +0100, Antony Stone wrote: > > > > http://www.squid-cache.org/Doc/FAQ/FAQ-17.html#ss17.4 > > > > > > This FAQ doesn't address my question. I also looked at "Transparent > > > Proxy with Linux and Squid mini-HOWTO" by Daniel Kiracofe. > > > > > > So far, all docs assume that the squid-box and the browser box are > > > different machines. > > > > No, the link I posted is specifically for Squid + Netfilter on the same > > machine - you can tell this by the fact it uses REDIRECT, not DNAT. > > I tried that rule already. It only works for other machines on my > network which are using the proxy as a gateway. > > I am trying to do Squid + Netfilter + BROWSER on the same machine. Oh, right - I hadn't appreciated that part before. I thought you just meant transparent proxying to a proxy on the gateway instead of to a proxy somewhere else. In that case you either need to DNAT your OUTPUT packets, as per your previous posting, or else just tell the local browser to use the local proxy (which I suspect is much the simplest solution in terms of understanding when something odd happens in the future). Regards, Antony. -- Success is a lousy teacher. It seduces smart people into thinking they can't lose. - William H Gates III Please reply to the list; please don't CC me.
