On 17/05/2013 2:33 a.m., jimmah6786 wrote:
Yes, these rules are in the -t nat table. So is it supposed to be a DNAT on the Squid box? Which will NAT to itself? I thought REDIRECT will only translate the port and not touch the IP information?
REDIRECT is a special sub-type of DNAT which allows you to set only the port, and sets the IP to the machine's "primary IP", whatever that is at the time. Quite useful for NATing inbound traffic on DHCP assigned boxes to local processes like Squid.
Still stuck with Policy Based Routing working correctly to the squid box, but Squid not intercepting it.
Sounds a bit like RP filter or SELinux features of the Squid box getting in the way.
Amos
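
Added example, not part of the original thread: a shell check for the reverse-path filter mentioned above, to run on the Squid box. It relies on the kernel's documented rule that the effective mode per interface is the higher of `conf/all/rp_filter` and `conf/<iface>/rp_filter`; `CONF_ROOT` and the function names are introduced here for illustration.

```shell
#!/bin/sh
# Added diagnostic example (not from the thread). CONF_ROOT can be pointed at
# a constructed directory tree so the logic can be checked without the live /proc.
CONF_ROOT="${CONF_ROOT:-/proc/sys/net/ipv4/conf}"

# Print the effective rp_filter mode for one interface.
# Kernel rule: max(conf/all/rp_filter, conf/<iface>/rp_filter).
#   0 = off, 1 = strict, 2 = loose
effective_rp_filter() {
    iface="$1"
    all=$(cat "$CONF_ROOT/all/rp_filter" 2>/dev/null || echo 0)
    own=$(cat "$CONF_ROOT/$iface/rp_filter" 2>/dev/null || echo 0)
    if [ "$own" -gt "$all" ]; then echo "$own"; else echo "$all"; fi
}

# List interfaces whose effective mode is strict (1). In strict mode the kernel
# drops a packet when the route back to its source address does not leave by
# the interface the packet arrived on, which policy-routed client traffic
# arriving at an interception proxy can trigger.
strict_interfaces() {
    for dir in "$CONF_ROOT"/*/; do
        iface=$(basename "$dir")
        case "$iface" in all|default) continue ;; esac
        [ "$(effective_rp_filter "$iface")" -eq 1 ] && echo "$iface"
    done
    return 0
}

# Stand-alone run: report every interface that is filtering strictly.
for i in $(strict_interfaces); do
    echo "strict rp_filter in effect on $i"
done
```

An interface listed here that receives the policy-routed traffic is a candidate for the drops described; the kernel can log such packets when `log_martians` is enabled for that interface.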