
Re: [help] setting up firewall policy for transparent (single-homed host) proxy

> Hi all...

> I am on my research deploying a transparent single-homed host proxy
>  server on my virtual network. My squid box is not on the same box where the
>  firewall applied.

that means Transparent Proxy to a Remote Box.

then, this is the URL for this.
http://www.tldp.org/HOWTO/TransparentProxy-6.html

where there are 2 methods,

try the
Second method (more complicated, but more general). But remember, you
need iproute2 pkg in addition to iptables.

on your firewall, add below rules.

     iptables -t mangle -A PREROUTING -j ACCEPT -p tcp --dport 80 -s squid-box
     iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp --dport 80
     ip rule add fwmark 3 table 2
     ip route add default via squid-box dev eth1 table 2

on your squid box,
pls add below rule.

     iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

in addition to that, your squid box needs a SNAT rule, if it is
behind the SNATed network.

rule like below. 1.2.3.4 is the external ip and ip address
192.168.101.1 is the ip address of squid box.  pls change it
accordingly

     iptables -t nat -A POSTROUTING -o eth0 -s 192.168.101.1 -j SNAT --to-source 1.2.3.4


another URL. remember. it is possible.

http://lartc.org/howto/lartc.cookbook.squid.html


> I didn't have any idea how to set up the iptables running on
>  the firewall,
As well as iptables, you must have installed iproute2 pkg.


try and see.


-- 
Thank you
Indunil Jayasooriya
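
A check for the firewall rules in the reply above, as an added example that is not part of the original message: it confirms that the port-80 ACCEPT for the Squid box sits before the MARK rule and that mark 3 is routed to table 2. The function names are hypothetical, the sample output is constructed, and squid-box is assumed to be 192.168.101.1.

```shell
#!/bin/sh
# Added example, not from the original post. The checks read command output
# on stdin, so they also work on saved output. On the firewall itself:
#   iptables -t mangle -S PREROUTING | check_mangle_order 192.168.101.1/32
#   ip rule show | check_fwmark_rule 0x3 2

# Succeeds only if the port-80 ACCEPT for the Squid box ($1, written the way
# iptables prints it) comes before the port-80 MARK rule. ACCEPT ends
# traversal of the chain, so Squid's own requests are never marked and are
# not routed back to Squid.
check_mangle_order() {
    awk -v src="$1" '
        / --dport 80( |$)/ && / -j ACCEPT( |$)/ && index($0, " -s " src " ") {
            if (!acc) acc = NR
        }
        / --dport 80( |$)/ && / -j MARK( |$)/ { if (!mrk) mrk = NR }
        END { exit !(acc && mrk && acc < mrk) }
    '
}

# Succeeds if the `ip rule show` output on stdin sends mark $1 (hex) to
# routing table $2.
check_fwmark_rule() {
    grep -Eq "fwmark $1(/0x[0-9a-f]+)? lookup $2( |\$)"
}

# Constructed sample output (assumed `-S` format, squid-box = 192.168.101.1).
SAMPLE_GOOD='-P PREROUTING ACCEPT
-A PREROUTING -s 192.168.101.1/32 -p tcp -m tcp --dport 80 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 80 -j MARK --set-xmark 0x3/0xffffffff'

# Constructed: the same two rules in the wrong order, so traffic from the
# Squid box is marked too and loops back to it.
SAMPLE_LOOP='-P PREROUTING ACCEPT
-A PREROUTING -p tcp -m tcp --dport 80 -j MARK --set-xmark 0x3/0xffffffff
-A PREROUTING -s 192.168.101.1/32 -p tcp -m tcp --dport 80 -j ACCEPT'

# Constructed `ip rule show` output after `ip rule add fwmark 3 table 2`.
SAMPLE_RULES='0: from all lookup local
32765: from all fwmark 0x3 lookup 2
32766: from all lookup main'
```

Both functions return a shell exit status, so they can gate a deployment script or a monitoring check.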
