On 2014-07-04 16:56, winetbox wrote:
ok, it's done. it works now on 1 eth.
all i did:
on squid:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 3129
on mikrotik:
remove all redirect NAT, create a route to squid machine as internet
gateway, create a mangle where src-nat from clients dst-port=80, are
all
routed to proxy gateway.
i have another problem though, i do:
# tail -f /var/log/squid3/access.log | grep TCP_HIT
and if i:
# tail -f /var/log/squid3/access.log
i see everything is TCP_MISS, for example:
1404449047.279 2035 192.168.14.3 TCP_MISS/200 327 POST
http://makasar.speedtest.telkom.net.id/speedtest/upload.php? -
HIER_DIRECT/118.98.104.242 text/html
1404449049.441 4211 192.168.14.3 TCP_MISS/200 327 POST
http://makasar.speedtest.telkom.net.id/speedtest/upload.php? -
HIER_DIRECT/118.98.104.242 text/html
1404449052.162 2630 192.168.14.3 TCP_MISS/200 327 POST
http://makasar.speedtest.telkom.net.id/speedtest/upload.php? -
HIER_DIRECT/118.98.104.242 text/html
1404449052.966 3419 192.168.14.3 TCP_MISS/200 327 POST
http://makasar.speedtest.telkom.net.id/speedtest/upload.php? -
HIER_DIRECT/118.98.104.242 text/html
something i missed? if if i don't wrongly recall, my last squid(squid
2.9)
access.log, don't have HIER_DIRECT, it is just DIRECT.
Means the same thing. "HIER_" is a cosmetic bug, should be fixed in
current releases.
Amos
