> > I have a Squid running on 192.168.1.1 listening on 3128 TCP port. Users
> > from 192.168.1.0/24 can browse the Internet without problems thanks to a
> > REDIRECT rule in my shorewall config.
> >
> > But users from different networks (192.168.2.0/24, 192.168.3.0/24,
> > etc.) can't browse the Internet. Those networks are connected to
> > 192.168.1.0/24 via a VPN connection.
> >
> > My redirect rule in iptables syntax is like this:
> >
> > iptables -t nat -A PREROUTING -s 0.0.0.0/24 -i eth2 -p tcp --dport 80 -j REDIRECT --to-ports
> >
> > Is there a restriction to work transparent proxy for other networks
> > different from 192.168.1.0/24? Do I have to configure squid to listen on
> > each range of network addresses?

On 07.10.08 16:09, Amos Jeffries wrote:
> Your current rule is restricting the REDIRECT to specific interface and
> 0.0.0.0 source. not sure how that 0.0.0.0 bit works.

It probably has to be 0.0.0.0/0 which matches ALL IPs. 0.0.0.0/24 matches
only 0.0.0.* which is nearly the same as nothing.

--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I wish NOT to receive any advertising mail at this address.
(R)etry, (A)bort, (C)ancer
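The mask difference discussed in this thread, as an added example that is not part of the original messages: a small Python check that reads the source match out of an iptables rule and reports which client networks it covers. The function names are hypothetical, the first rule string is the one quoted above (with its `--to-ports` value left off as posted), and the second is a constructed variant using `0.0.0.0/0`.

```python
import ipaddress
import shlex

# Client networks named in the thread.
CLIENTS = ["192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24"]

# Rule as quoted in the thread (port after --to-ports is missing in the post).
PAGE_RULE = ("iptables -t nat -A PREROUTING -s 0.0.0.0/24 -i eth2 "
             "-p tcp --dport 80 -j REDIRECT --to-ports")
# Constructed variant with the mask suggested in the reply.
FIXED_RULE = PAGE_RULE.replace("0.0.0.0/24", "0.0.0.0/0")


def source_match(rule):
    """Return (network, negated) for the rule's -s/--source option.

    A rule without a source option matches every source, i.e. 0.0.0.0/0.
    Only the '! -s addr' form of negation is recognised here.
    """
    tokens = shlex.split(rule)
    for i, tok in enumerate(tokens):
        if tok in ("-s", "--source") and i + 1 < len(tokens):
            negated = i > 0 and tokens[i - 1] == "!"
            # strict=False tolerates host bits set in the address part.
            return ipaddress.ip_network(tokens[i + 1], strict=False), negated
    return ipaddress.ip_network("0.0.0.0/0"), False


def covered_clients(rule, client_nets):
    """Map each client network to True if every address in it matches the rule."""
    net, negated = source_match(rule)
    result = {}
    for text in client_nets:
        client = ipaddress.ip_network(text)
        if negated:
            result[text] = not client.overlaps(net)
        else:
            result[text] = client.subnet_of(net)
    return result


if __name__ == "__main__":
    for label, rule in (("as posted", PAGE_RULE), ("with /0", FIXED_RULE)):
        net, _ = source_match(rule)
        print(f"{label}: source {net} ({net.num_addresses} addresses)")
        for client, ok in covered_clients(rule, CLIENTS).items():
            print(f"  {client}: {'matched' if ok else 'NOT matched'}")
```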