I just realized that part 5 minutes ago... Sorry for the nuisance! In my
case I need to use as a proxy a different machine because otherwise I'd
have to set one per client with the same rules, which seems not very
scalable. The final schema would be this:
Client 1 \
Client 2 \
Client 3 -> squid3 server -> internet
Client 4 /
Client 5 /
Also, the server running squid3 as transparent proxy would be under a
different public IP and router than the clients (a remote server...
requirement of my company), and all of them are using just one network
interface. What iptables rules would I need to achieve this scenario?
Thanks!
El 16/07/2014 18:38, babajaga escribió:
there is just one network in both the client and server
side.<
On the client side,
I just added the OUTPUT DNAT iptables rule to make it match the 3128 IP
and port of the remote server.<
Sorry, I am a bit confused.
Pls, read carefully:
#Example for squid and NAT on same machine: !!!!!!!!!!!!!!!!!!!!!!
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination
SQUIDIP:3128
This also means, that client machine (running the browser, transparently)
and squid-machine are in the same net, and that squid then forwards the
request
to the real destination/server.
According to your posts, squid and NAT seem NOT to be on same machine.
--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Three-questions-about-Squid-configuration-tp4666931p4666949.html
Sent from the Squid - Users mailing list archive at Nabble.com.
