Dear all, I try to configure a transparent web proxy through squid 3, here is the network topology Users -> Switch -> Internet Users means a couple of PCs, all of them have public IP, all of them are connected to a switch. One PC among them is designed to be a proxy machine. The switch is programmable, thus for the TCP packets with destination address 80, it can be re-directed to the proxy machine. For other packets, it will be forwarded further to the Internet. The programmable switch has been tested and works well. The proxy machine has installed squid3, the listening port is 3128, and we have configure 'http_port 3128 transparent' in squid.conf . One problem is this machine has only one NIC (eth0), thus we can not use the method proposed in http://freecode.com/articles/configuring-a-transparent-proxywebcache-in-a-bridge-using-squid-and-ebtables (using a bridge) I have tried several iptable settings, such as iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to xx.yy.zz.ii:3128 Neither of them works. Use 'tcpdump -i eth0' on the proxy machine, we can see the first packet of every HTTP request, forwarded by the switch, but nothing else. Could somebody provide me some hints on this? Thanks a lot! Best regards, Alex Chan
