On Sep 24, 2004, at 12:01 PM, Aleksandar Milivojevic wrote:
ms419@xxxxxxxxxxxxxx wrote:
I'm setting up a transparent proxy to a remote proxy server & can't figure out why it doesn't work.
My gateway is tor; it's running Debian unstable, iptables 1.2.11-2, & a custom 2.4.27 kernel. My proxy server is wum; it's also running Debian unstable, squid 2.5.6-8, iptables 1.2.11-2, & a custom 2.6.7 kernel.
Physically, tor is connected by each of 3 NICs to an ADSL modem, to wum by a crossover cable, & to the rest of the network by a hub.
Logically, tor & wum are in 192.168.103.0/24; tor & the rest of the network are in 192.168.179.0/24.
Haven't done something like that myself, but wouldn't it be much simpler to implement it like this (using filter table for filtering, and nat table for NATing, as they were intended to be used):
Thank you sincerely for your suggestion! You are correct: It is simpler to use DNAT & MASQUERADE. I tried it & it works. But now, I am trying to avoid using NAT.
The problem with NAT (as I understand it) is it rewrites the destination address, which breaks HTTP/1.0 requests without a Host: header. By using policy routing, I hope to route traffic through wum without rewriting the destination address.
I'm using as my guide the Transparent Proxy HOWTO by Daniel Kiracofe.
I'm still not sure what is wrong - thank you very much for any help!
Jack
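
The policy-routing setup discussed in this message, as an added example that is not part of the original thread: tor marks port-80 traffic and routes it to wum without rewriting the destination address, shown beside the DNAT form for contrast. The host addresses, interface names, mark value, routing table number and Squid port 3128 are assumptions, not values from the thread.

```shell
#!/bin/sh
# Added example. Each function only PRINTS commands; review them, then
# apply on the right host as root, e.g.  ./rules.sh tor | sh
# Everything below is an assumed value; the thread gives only the subnets.
WUM_IP="${WUM_IP:-192.168.103.2}"        # wum on the crossover link (assumed)
TOR_WUM_IF="${TOR_WUM_IF:-eth1}"         # tor's NIC facing wum (assumed)
TOR_LAN_IF="${TOR_LAN_IF:-eth2}"         # tor's NIC facing the hub (assumed)
WUM_IF="${WUM_IF:-eth0}"                 # wum's NIC facing tor (assumed)
SQUID_PORT="${SQUID_PORT:-3128}"         # Squid's listening port (assumed)
FWMARK="${FWMARK:-3}"                    # arbitrary packet mark
RT_TABLE="${RT_TABLE:-2}"                # arbitrary routing table number

# tor, NAT variant: DNAT replaces the destination address, so wum never
# sees which server the client was trying to reach.
tor_rules_dnat() {
    cat <<EOF
iptables -t nat -A PREROUTING -i $TOR_LAN_IF -p tcp --dport 80 -j DNAT --to-destination $WUM_IP:$SQUID_PORT
iptables -t nat -A POSTROUTING -o $TOR_WUM_IF -d $WUM_IP -j MASQUERADE
EOF
}

# tor, policy-routing variant: mangle table only. The first rule lets
# Squid's own outbound requests through unmarked so they do not loop back;
# everything else to port 80 is marked and routed via wum, unmodified.
tor_rules_policy() {
    cat <<EOF
iptables -t mangle -A PREROUTING -p tcp --dport 80 -s $WUM_IP -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark $FWMARK
ip rule add fwmark $FWMARK table $RT_TABLE
ip route add default via $WUM_IP dev $TOR_WUM_IF table $RT_TABLE
EOF
}

# wum: packets arrive still addressed to the origin server; the redirect
# into Squid happens locally on the proxy host itself.
wum_rules() {
    cat <<EOF
iptables -t nat -A PREROUTING -i $WUM_IF -p tcp --dport 80 -j REDIRECT --to-ports $SQUID_PORT
EOF
}

case "${1:-}" in
    tor)      tor_rules_policy ;;
    tor-dnat) tor_rules_dnat ;;
    wum)      wum_rules ;;
esac
```

Rules added with `-A` and `ip rule add` accumulate on repeated runs, so inspect `iptables -t mangle -L PREROUTING -n` and `ip rule show` before re-applying.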