W dniu 29-Aug-12 13:20, Eliezer Croitoru pisze:
On 8/29/2012 1:15 PM, Pawel Mojski wrote:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to
ip.of.my.squid:8081 i have strange error.
it means that every packet the will go to port 80 will be redirected
to squid ip+port and it means that the packets from squid are the same
and will be looped.
you should use the "-j REDIRECT instead of -j DNAT .
also I recommend you to be explicit about the interface and ip's that
will be intercepted by the proxy.
No, they are not.
The first of all, The problem appers even with no redirection. For example.
If I start squid, then telnet localhost 8081, the do:
GET / HTTP/1.0
Host: aol.com
then squid are going to connect to himself to port 8081. And doing it in
a loop.
The second think is the ip address of the squid i public ip address and
the router when I'm, doing redirect is somewhere in the internet
(ofcourse added to accepted acl).
But, Let's forgot redirections. Why it not work when I just start a
squid and connect to 8081 port?
Regards;
Pawel
