Search squid archive

Re: remote transaprent proxy works, but all access.log entries show same IP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> I'm running:
>
> Squid Cache: Version 3.0.STABLE9
> configure options:
>
> and am using transparent proxying on a squid box that's behind my iptables
> firewall. Everything works ok, however the access.log shows all requests
> are coming from the firewall's IP instead of from my LAN's workstation
> IPs.
>
> I used iptables rules similar to what I found on
>  http://tldp.org/HOWTO/TransparentProxy-6.html
>
> If I set the proxy manually on a browser, then the access log entries
> appear as desired. I could manually set the proxy on all workstations, but
> I'd rather have it work automatically if possible. Does anyone know if
> what I want is possible?  Thanks!

The single-IP logging is due to the fact that Squid does not have access
to a separate boxes NAT table.

You need the squid box itself to be doing the NAT. Transparency is best
done by directing packets through the squid box using WCCP tunneling,
Policy Routing, or running Squid one the gateway/firewall box.

As described at http://wiki.squid-cache.org/ConfigExamples/Intercept

Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux