senthil wrote:
HI
I have installed Tproxy 4 .
I have done all the prerequisites like compiling kernel and installing
iptables 1.4 etc
When i create Bridge i cant able to browse in private ip
My network :
Internet ---> (eth1)squid machine(eth0)------>test client
eth1 -public ip
eth0 and test client ip ---->private in 172 series
But i able to browse in public ip and access is seen in log of squid
So if I understand you correctly, ... when you attempt to use a private
non-Internet IP address on the public Internet it fails?
Things to know:
* bridging is based around preserving the IP address unchanged across
the machine.
* TPROXY is based around preserving the IP address across the machine.
172 series IP addresses require NAT to contact the Internet.
* NAT is based around destroying the IP address. But maintaining
information such that any response can be copied back to the right client.
Since you have 172.* addresses coming in one side and being NAT'd I
advise dropping the bridge and tproxy usage. There is no point in going
to extreme lengths to preserve the IP address at such low level only to
destroy it as soon as it exits Squid.
The NAT interception setup for Squid should be sufficient.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE23
Current Beta Squid 3.1.0.16
