|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Once more: You are really absolutely sure you talking about Squid's transparent interception proxy? Well, let's open Squid's wiki: http://wiki.squid-cache.org/ConfigExamples/Intercept Please, read to us latest statement on this screenshot: https://i1.someimage.com/uKbfdot.png 27.10.2016 23:55, Eliezer Croitoru пишет: > Well this is the most efficient and less risker way. > I do not know MikroTik enough to the hardware but it has a routing engine so... routing policy. > In the past I wrote about it somewhere with details instructions on how to do it in a mikrotik. > > Eliezer > > ---- > Eliezer Croitoru > Linux System Administrator > Mobile: +972-5-28704261 > Email: eliezer@xxxxxxxxxxxx > > > -----Original Message----- > From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Yuri Voinov > Sent: Thursday, October 27, 2016 20:51 > To: squid-users@xxxxxxxxxxxxxxxxxxxxx > Subject: Re: Transparent and non Transparent at the same time > > > You absolutely sure, Eliezier? :) > > > 27.10.2016 23:46, Eliezer Croitoru пишет: > > You need routing policy not DNAT. > > > Eliezer > > > ---- > > Eliezer Croitoru > > Linux System Administrator > > Mobile: +972-5-28704261 > > Email: eliezer@xxxxxxxxxxxx > > > > -----Original Message----- > > From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] > On Behalf Of erdosain9 > > Sent: Thursday, October 27, 2016 19:08 > > To: squid-users@xxxxxxxxxxxxxxxxxxxxx > > Subject: Re: Transparent and non Transparent at the same > time > > > Ok... but i have this problem > > > ERROR: NAT/TPROXY lookup failed to locate original IPs on > > local=192.168.1.15:3130 remote=192.168.1.1:52090 FD 14 flags=33 > > > ... > > I put some dstnat in Mikrotik (192.168.1.1) > > > > ip firewall nat add chain=dstnat src-add=192.168.1.121 protocol=tcp > > dst-port=80 action=""> > > to-addresses=192.168.1.20 to-ports=3129 > > > ERROR: NAT/TPROXY lookup failed to locate original IPs on > > local=192.168.1.20:3129 remote=192.168.1.1:52153 FD 14 flags=33 > > 2016/10/27 14:01:43 kid1| ERROR: NF getsockopt(ORIGINAL_DST) failed on > > local=192.168.1.215:3129 remote=192.168.1.1:52154 FD 14 flags=33: (92) > Protocol not available > > > I dont have iptables or firewalld... im using Centos... is necessary > enable firewalld or iptables??? > > > > im using the PC (192.168.1.121 for test) Thanks > > > > > -- > > View this message in context: > http://squid-web-proxy-cache.1019090.n4.nabble.com/Transparent-and-non-Transparent-at-the-same-time-tp4680309p4680330.html > > Sent from the Squid - Users mailing list archive at Nabble.com. > > _______________________________________________ > > squid-users mailing list > > squid-users@xxxxxxxxxxxxxxxxxxxxx > > http://lists.squid-cache.org/listinfo/squid-users > > > _______________________________________________ > > squid-users mailing list > > squid-users@xxxxxxxxxxxxxxxxxxxxx > > http://lists.squid-cache.org/listinfo/squid-users > > > - -- Cats - delicious. You just do not know how to cook them. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJYEkA9AAoJENNXIZxhPexG6SQH/3KfdIijTUfo9P+gIAr/RRq4 ph8xJbzoLsxTBT+3TXdO4dTm0g9WJev7ZzJfKe0GcZsKWah6XSIzgYivm7HVFJ1Q z2r1FC5ofyfIgLB66a1wXtAe+RDwbsIH5/LIEcQPEcdYbCdU5ELE/Z/iJ2v89YjZ 73TWJYCZOCgCehUfMvkR+cfnqZP8jl+BxvnPPdfAwYjWEyIJRVwgHYWsfYXt3EuM 2+I6m5IXOwjFPzxIM4OEOmGl3e8jrCUCfk6ao11zxGLux5wmsPYb/NJXh9wQyr0n fld7PAS8ijeqIReZf7MYy2M8kgoSkWRr31o2TMnKRtL10p6EZB59tho5EByD5m0= =YqFK -----END PGP SIGNATURE----- |
Attachment:
0x613DEC46.asc
Description: application/pgp-keys
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
