> I'm running: > > Squid Cache: Version 3.0.STABLE9 > configure options: > > and am using transparent proxying on a squid box that's behind my iptables > firewall. Everything works ok, however the access.log shows all requests > are coming from the firewall's IP instead of from my LAN's workstation > IPs. > > I used iptables rules similar to what I found on > http://tldp.org/HOWTO/TransparentProxy-6.html > > If I set the proxy manually on a browser, then the access log entries > appear as desired. I could manually set the proxy on all workstations, but > I'd rather have it work automatically if possible. Does anyone know if > what I want is possible? Thanks! The single-IP logging is due to the fact that Squid does not have access to a separate boxes NAT table. You need the squid box itself to be doing the NAT. Transparency is best done by directing packets through the squid box using WCCP tunneling, Policy Routing, or running Squid one the gateway/firewall box. As described at http://wiki.squid-cache.org/ConfigExamples/Intercept Amos
