> > Does it mean that now intercepting squid can only work on the gateway machine? > > No. It means that routers like yours need to be configured for policy > routing (aka "packet forwarding") instead of NAT port mapping (aka "port > forwarding"). > > This config was written particularly for the *WRT use case (but applies > to any Linux router): > http://wiki.squid-cache.org/ConfigExamples/Intercept/IptablesPolicyRoute Can you please make it even more clear: Squid 3.2 can be used on a separate machine and be transpanrent only if it's directly connected to the routing machine, right? Because routing tables can only send packets to gateways directly connected to them? I.e. I can't put my transparent proxy to internet, I need it to be in same IP space as my network interface? Could I do it in 3.1?
