Dnia 15-03-2010 o godz. 14:42 Henrik Nordström napisał(a): > mĂĄn 2010-03-15 klockan 14:00 +0100 skrev Hubert Choma: > > > iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT > > --to-port 8080 > > It's correct iptables rule ? > > Is eth0 the interface where clients traffic is arriving? > > If you are using wccp then the interface is usually a gre interface, not > ethx.. > > Regards > Henrik Hello Henrik Thanks for help ! I don't use WCCP eth0 its interface for WAN. Yes You have got right when eth0 is set then my site doesn't work from WAN side and LAN side. I changed it from eth0 to eth1 iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080 but sites are loading very long !! My topology UTM Router 192.168.1.1----->eth0 192.168.1.2 (services for WAN apache,FTP)---->eth1 192.168.0.1(on eth1 works squid 192.168.0.1:8080 as transparent proxy)---LAN XP clients 192.168.0.0/24 So I have 2 NAT : First UTM router SECOND Linux (Centos Router with - apache ftp and squid services) I would like to setup squid as transparent proxy for lan clients. I have a few doubts : 1) squid uses dns from resolv.conf so I have 3 nameservers nameserver 194.204.152.34 first dns from internet provider (DSL) nameserver 194.204.159.1 second dns nameserver 192.168.1.1 (UTM router) My public IP 83.18.17.30 is assigned to domain geodezja.wolomin.pl so what entries should i use to /etc/hosts ? Centos machine hostname is proliant. I have 2 Nics and 1 hostname=proliant so i think maybe it is a problem with correct resolve of internal LAN names. Look at my /etc/hosts How they should look like valid entries for the ProLiant machine with 2 NICS ?? # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost proliant 192.168.1.2 proliant 192.168.0.1 proliant.geodezja.wolomin.pl proliant #83.18.17.30 geodezja.wolomin.pl proliant 192.168.0.2 sm2 192.168.0.3 sm3 192.168.0.4 sm4 192.168.0.6 sm19 192.168.0.8 sm9 ::1 localhost6.localdomain6 localhost6 2) Maybe its iptables problem ??????? I still have error with /etc/init.d/squid start [failed] and in logs there are no warnings or errors !? Sorry for my english PLEASE HELP!
