Chris Robertson wrote:
Thanks Chris, this works well :) yum was the primary application I wanted to use the cache anyway, as my LAN consists entirely of Fedora 9 machines and it would save bandwidth to cache the updates. Mirroring the entire repository seemed a bit overkill in this case...Jonathan Gazeley wrote:I'm new to Squid. I've successfully set up a transparent cache on a server which is also the gateway/firewall/NAT for a small LAN. All the clients on my LAN use the cache properly. However, the server running the cache doesn't use its own cache. I've inserted what I thought were the correct rules into my iptables config:-A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128-A PREROUTING -s 127.0.0.1/32 -p tcp --dport 80 -j REDIRECT --to-port 3128 -A PREROUTING -s 192.168.0.1/32 -p tcp --dport 80 -j REDIRECT --to-port 3128 -A PREROUTING -s x.x.x.x/32 -p tcp --dport 80 -j REDIRECT --to-port 3128 (external public IP)I think it would need to be part of the OUTPUT chain. But you would have to do some sort of packet marking to avoid matching packets from Squid to the internet (lest you create a forwarding loop).It's probably far easier to set the environment variable "http_proxy" (e.g. "export http_proxy=http://localhost:3128";). Many utilities (YUM , apt, wget, etc) honor this.
Chris
