On 6/08/2014 9:30 p.m., Babelo Gmvsdm wrote: > Hi, > > I would like to use a Squid Server only as an Internet Traffic Monitor. > To do this I used an Ubuntu 14.04 with Squid 3.3 on it. > > > I plugged the squid on a cisco switch port configured as a monitor destination. > The port connected to the backbone switch is configured as monitor source. > I configured the IP of the Squid to be the same as real gateway used by users. > I configured the squid to be in transparent mode with : http_port 3128 intercept > I put an iptable rule that should forward http packets to the squid on port 3128. > > Unfortunately it does not work. If I'm reading that right you now have two boxes using the same gateway IP for themselves. Which do the packets go to from the client? Where do the packets from Squid go when using the gateway IP as source address? Where do the TCP SYN-ACK packets go? Amos