Hello Amos, Okay, ports are fixed from here and forwarded 80 to 3127 in iptables. http_port 3128 # for proxy client http_port 3127 intercept # for http intercept When a user tries to connect an HTTP site, tcpdump -vv -ni eth1 port 80 >>> https://paste.grasehotspot.org/view/raw/f81a60e4 tcpdump -vv -ni tun0 port 80 >>> https://paste.grasehotspot.org/view/raw/bb0a4bc1 tcpdump -vv -ni eth0 port 80 >>> https://paste.grasehotspot.org/view/raw/563912fd ... and the user never sees any output in the browser window. It's not working somewhere in between tun0 <--> eth0. eth0 is WAN here. When I use a forward proxy(http_port 3127 accel allow-direct), I can see the data passing through all three interfaces, and it works. ### For an HTTPS site - Only 1st 5 packets(though squid is not handling https), tcpdump -vv -ni eth1 port 443 >>> https://paste.grasehotspot.org/view/raw/11120563 tcpdump -vv -ni tun0 port 443 >>> https://paste.grasehotspot.org/view/raw/2d38b62b tcpdump -vv -ni eth0 port 443 >>> https://paste.grasehotspot.org/view/raw/1a62299b -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
