Read the entire question again... It has more to do with iptables than squid. You probably could do some type of fancy pre/post routing. What you would need to do is write a special routing entry that says anything on port 80 or 443 going out the firewall that is from any IP address other than the proxy server needs to be routed to the proxy. I'm not sure how to do this directly. But if the proxy server is in the firewall then the rules change. This is from the squid site. This redirects you to another port on the same server but what you want is iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 There is another module named tproxy (or something like that) which sounds like it might do what you want but it might require a kernel recompile. HTH Gary -----Original Message----- From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Askar Sent: Sunday, January 16, 2005 11:58 PM To: DurgaPrasad Adusumalli Cc: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Re: Performance of iptables with web proxy wrong list, why not ask in squid mailing list regards On Mon, 17 Jan 2005 11:33:07 +0530, DurgaPrasad Adusumalli <adusumallid@xxxxxxxxx> wrote: > I am using web proxy content filter (Dansguardian) to scan all > outgoing traffic from my LAN. I am using transparent proxying with an > iptable rule that forwards all outgoing traffic to web proxy. This > setup works but all the browsing activity gets slowed down. When I > configure my browser to use proxy Internet access gets faster. > > Can someone suggest me how can I enhance the performance of iptables > with this rule is place and without configuring my browser to use > proxy. > > Thanks in advance. > Durga Prasad. > > -- (after bouncing head on desk for days trying to get mine working, I'll make your life a little easier)
