Hi,

This is my scenario:

    router(linux eth0).........eth2(lusca)..............eth1(wan)

Policy routing is done for clients to reach lusca (clients are on private IPs 172.16.x.x).
Lusca can ping the clients and the internet.

TPROXY redirection is done as per:

    iptables -t mangle -N DIVERT
    iptables -t mangle -A DIVERT -j MARK --set-mark 1
    iptables -t mangle -A DIVERT -j ACCEPT
    iptables -t mangle -A PREROUTING -p tcp -s 172.16.10.97 -m socket -j DIVERT
    iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129
    ip rule add fwmark 1 lookup 100
    ip route add local 0.0.0.0/0 dev lo table 100

squid.conf:

    http_port 127.0.0.1:3128
    http_port 0.0.0.0:3129 tproxy

But browsing gives this error:

    Invalid Request

    Some aspect of the HTTP Request is invalid. Possible problems:

      Missing or unknown request method
      Missing URL
      Missing HTTP Identifier (HTTP/1.0)
      Request is too large
      Content-Length missing for POST or PUT requests
      Illegal character in hostname; underscores are not allowed

Squid logs:

    [21/Apr/2013:13:04:42 +0530] "GET error:invalid-request HTTP/0.0" 400 3334 TCP_DENIED:NONE

It works fine with iptables DNAT and the transparent directive.

--
Nettlynx Networks