
Squid Transparent mode and citrix application problem


 



I want to use Squid 2.6.STABLE16 as a transparent proxy.
I have Linux Fedora Core 7 as a router, and Squid is installed there as well.

Iptables configuration:
*nat
:PREROUTING ACCEPT [2844662:160578712]
:POSTROUTING ACCEPT [168208:16839419]
:OUTPUT ACCEPT [115780:8771449]
# redirect http requests to squid
-A PREROUTING -s 10.10.15.0/255.255.255.0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
# pass through NAT everything else
-A POSTROUTING -s 10.10.15.0/255.255.255.0 -d ! 10.10.15.0/255.255.255.0 -o eth2 -j MASQUERADE
COMMIT

Squid configuration
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

acl our_network src 10.10.15.0/24

http_access allow manager localhost
http_access deny manager
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow our_network
http_access deny all
icp_access allow all

http_port 10.10.15.1:3128 transparent
cache_dir ufs /var/spool/squid 10000 16 256

Everything works except the Citrix MetaFrame client (ICA32t.exe). When I try
to connect to the Citrix server I receive this message: "Cannot connect to the
citrix MetaFrame server. Unable to contact the MetaFrame server browser.
There may be network problems, or you may need to configure or correct the
server address in the Server Location field"

Here is the Squid access.log:
tail -f /var/log/squid/access.log
1196707494.281     81 10.10.15.30 TCP_MISS/404 1203 POST http://213.179.13.203/scripts/WPnBr.dll - DIRECT/213.179.13.203 text/html
1196707494.371     79 10.10.15.30 TCP_MISS/400 274 POST http://213.179.13.204/scripts/WPnBr.dll - DIRECT/213.179.13.204 -
1196707494.487    104 10.10.15.30 TCP_MISS/400 274 POST http://213.179.13.107/scripts/WPnBr.dll - DIRECT/213.179.13.107 -
1196707494.740    105 10.10.15.30 TCP_MISS/400 274 POST http://213.179.13.114/scripts/WPnBr.dll - DIRECT/213.179.13.114 -
1196707494.836     92 10.10.15.30 TCP_MISS/400 274 POST http://213.179.13.118/scripts/WPnBr.dll - DIRECT/213.179.13.118 -

When I delete the HTTP redirection from iptables and set the proxy address
manually in Internet Explorer, Citrix works fine.
access.log gives me this information:

tail -f /var/log/squid/access.log
1196707587.173    349 10.10.15.30 TCP_MISS/200 11048 CONNECT gatewaynetworks.dainrauscher.com:443 - DIRECT/199.250.13.52 -
1196707587.242     51 10.10.15.30 TCP_MISS/200 39 CONNECT gatewaynetworks.dainrauscher.com:443 - DIRECT/199.250.13.52 -

Also, I am able to connect to the Citrix application without a proxy server
at all (through NAT).

One more detail: when redirection is on and the proxy server is set up
manually in Internet Explorer, Citrix doesn't work either.
access.log:
tail -f /var/log/squid/access.log
1196707035.421    753 10.10.15.30 TCP_MISS/200 18741 CONNECT gatewaynetworks.dainrauscher.com:443 - DIRECT/199.250.13.52 -
1196707036.550     86 10.10.15.30 TCP_MISS/404 1203 POST http://199.250.13.203/scripts/WPnBr.dll - DIRECT/199.250.13.203 text/html
1196707036.640     84 10.10.15.30 TCP_MISS/400 274 POST http://199.250.13.204/scripts/WPnBr.dll - DIRECT/199.250.13.204 -
1196707036.745    100 10.10.15.30 TCP_MISS/400 274 POST http://199.250.13.107/scripts/WPnBr.dll - DIRECT/199.250.13.107 -
1196707036.849     94 10.10.15.30 TCP_MISS/400 274 POST http://199.250.13.114/scripts/WPnBr.dll - DIRECT/199.250.13.114 -
1196707037.003     80 10.10.15.30 TCP_MISS/400 274 POST http://199.250.13.118/scripts/WPnBr.dll - DIRECT/199.250.13.118 -

Where is the problem?

Please help if you know the solution.
Thank you very much.

