On 15/02/2017 9:18 a.m., John Pearson wrote: > Hi, > > Is this squid box a router or just a proxy? > - just a proxy There is the first problem. NAT interception needs the machine Squid is running on to be configured to operate as a router. It will be receiving packets destined to a machine other than itself. > > What tcpdump command did you ran? > - sudo tcpdump -i eth0 > > What is the networks that are involved? > Setup: > >> Client (192.168.1.8) ---> | Rotuer | >> | gateway/dhcp | ---> >> Internet >> Squid box (192.168.1.2) ---> | 192.168.1.1 | > > > Here Client (debian), squid (debian) and router are three separate devices. > So the Squid machine; requires this bit you did: <http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect> PLUS the system TCP stack controls to turn it from a origin-server host to a routing host. Otherwise the machine will silently drop packets not destined to itself. The router machine requires this: <http://wiki.squid-cache.org/ConfigExamples/Intercept/IptablesPolicyRoute#When_Squid_is_Internal_amongst_clients> The router machine probably also needs the "Routing Setup": <http://wiki.squid-cache.org/ConfigExamples/Intercept/IptablesPolicyRoute#Routing_Setup> Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
