On 22/04/2015 7:31 a.m., jaykbvt wrote: > Hi Amos, > > Thanks for reply, > > I think I got ur point. If I understood correctly, > > if a user makes request for http://www.wikipedia.org then the client request > header should look like: > > src: client_IP:random_port > dst: wikipedia.org(ip_address):http > http request: http_request details. (host,url,etc..) > > and squid should get the packet like that. correct. > > But since Cisco ISG is in between which seems to be changing the client > request header like: > > src: client_IP:random_port > dst: squid_IP:http > http request: http_request details. (host,url,etc..) > > and eventually squid fails to understand where to send http_request. correct. > > And thats why we should look at cisco ISG config. yes. > > my iptables config looks like: > > iptables -t nat -A PREROUTING -s 10.58.200.33 -p tcp --dport 80 -j ACCEPT > iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination > 10.58.200.33:3129 > iptables -t nat -A POSTROUTING -j MASQUERADE > iptables -t mangle -A PREROUTING -p tcp --dport 3129 -j DROP > And correct. Thats all we can help with I'm afraid until at least the Cisco issue is resolved. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
