Hello All, I am trying to build a transparent squid server on a Linux 2.6 kernel using the bridging code (br-nf) INTERNET_GW <====== BRIDGE/SQUID <======= Client Nat Router in this setup, the Client Nat router has the entire LAN behind it and the Client nat router will have its default gateway as the INTERNT_GW's IP address. The BRIDGE/SQUID box will have two Ethernet cards, one connecting to the "client Nat Router" and the other connected to the INTERNET_GW. The BRIDGE/SQUID box will have one IP address on which Squid will be listening of connections on. My aim is to transparently redirect http traffic passing from the "Client Nat Router" to the squid process configured on the router without altering the gateway of the Client NAt Router. Here are some of the ebtables/iptables that i have tried out but at this point... i am not sure of how proceed ebtables -t broute -A BROUTING --in-if $BR_IN -p IPv4 --ip-protocol tcp --ip-dport 80 -j redirect --redirect-target ACCEPT ebtables -t broute -A BROUTING --in-if $BR_IN -p IPv4 --ip-protocol tcp --ip-dport 21 -j redirect --redirect-target ACCEPT iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X modprobe ip_conntrack modprobe ip_conntrack_ftp modprobe ip_nat_ftp iptables -P INPUT DROP iptables -P OUTPUT ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT iptables -A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -i $BR_IN -j ACCEPT iptables -t nat -A PREROUTING -i br0 -p tcp –-dport 80 -j REDIRECT -–to-port $CACHE_PORT iptables -t nat -A PREROUTING -i br0 -p tcp –-dport 21 -j REDIRECT -–to-port $CACHE_PORT iptables -t nat -A PREROUTING -i $BR_IN -p tcp –dport 80 -j REDIRECT –to-ports $CACHE_PORT iptables -t nat -A PREROUTING -i $BR_IN -p tcp –dport 21 -j REDIRECT –to-ports $CACHE_PORT could anyone out there help me to explain how to progress? is this even possible at all?
