Hi, I have the following problem while trying to setup a squid in tproxy mode for a centralized solution. Our topology is: client -> R1 -> squid -> R1 -> Internet Note that server uses a public ip address which is the same for incoming and outgoing connections I am using squid 3.2.6 [tried3.2.7 without luck] in Debian Wheezy with linux kernel 3.2 and iptables 1.4.14 Squid.conf -- workers 1 debug_options ALL,4 client_db off http_port 80 tproxy http_port 8080 icp_port 0 iptables --- iptables -t mangle -F iptables -t mangle -N DIVERT iptables -t mangle -A DIVERT -i lo -j ACCEPT iptables -t mangle -A DIVERT -j MARK --set-mark 1 iptables -t mangle -A DIVERT -j ACCEPT iptables -t mangle -A PREROUTING -s <server_ip_address> -j ACCEPT iptables -t mangle -A PREROUTING -i lo -j ACCEPT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-ip 127.0.0.1 --on-port 80 Do I have to use WCCP on the router standing between theproxy andthe internet?? I cannot route the packets from the proxy tothe edge router while I can see incoming http packets from the clients. All incoming connection timeout while waiting for the reply from destination server
