On 2/7/18 5:37 PM, Rafael Akchurin wrote: > How is your network configured? Your rules indicate you have 2 nics but you later say you have one.. Originally, I started with 1 NIC (it's a VM), and added 2 more, because I read that pf/ipfw can't rewrite ingress packets on the same interface it used for egress, but I haven't tried creating a bridge and routes to attempt to make that work yet. The Ubuntu machine has 2 NICs; primary NIC is WAN facing (internet routable IP bound to eth0) and the secondary NIC sits on the "backup" network (LAN-side) on 192.168.2.x. Let's break it down: [WAN router] |-- LAN: 192.168.1.1 (wired LAN) `-- WWAN: 10.0.1.1 (wireless clients) BSD VM: 192.168.1.25 Ubuntu VM: |-- INET: 32.215.x.x `-- LAN: 192.168.2.x The WAN router is what sends traffic sent over it on :80, over to .1.25 (BSD) to cache. Previously, I had it pointed to Squid 2.6 sitting on my NAS (192.168.1.20) and that would work perfectly as a transparent proxy. When I pointed the WAN router to .25 instead of .20, and upgraded the version of Squid by using BSD's version from ports on .25, this process all fell apart. So... is having 3 NICs (1 NIC + 2 bridged together as bridge0) *now* a requirement to get transparent proxying working with anything using Squid 3.x or later? Can this be done with a single NIC sitting on an Internet-facing LAN segment? If so, how? _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
