Hai, Seems your network set-up is what might be ruining your connection expectations or the "default gateway" needs a rule (possibly using a firewall) to direct all HTTP traffic to the squid box rather than to the internet. Otherwise, think of the set-up below (with the Squid box the same as the Gateway) Internet Router >> Eth0 |- Squid box & Default Gateway -| Eth1 >> Switch >> LAN # Edz. On Mon, Dec 5, 2011 at 5:14 PM, Nguyen Hai Nam <nam.nh@xxxxxxxx> wrote: > > Hi Amos, > > You're right, switch is not really true. > > But I still can't find the way on Solaris-like system like /proc/sys/net/bridge > > > On Mon, Dec 5, 2011 at 7:25 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > > > > > > "Like a switch"? or or did you really mean "like a bridge"? > > > > * switch ... no solution. Switches do not perform the NAT operations > > required for interception. They also don't run software like Squid, so I > > think this is a bad choice of word in your description. > > > > * bridge ... requires dropping packets out of the bridge into the routing > > functionality. See the bridge section at > > http://wiki.squid-cache.org/Features/Tproxy4#ebtables_on_a_Bridging_device > > > > Amos
