On 16/01/20 9:30 pm, Robert Marshall wrote: > Hi all, > > I'm trying to set up a transparent proxy on my network so that all > devices are forced to use Squid/SquidGuard for network traffic, and can > filter out undesirable destinations. > > I have Squid/SquidGuard running on a Raspberry Pi 4, running the latest > release of Raspian Buster. The route is a D-Link DIR-860L, flashed with > the 01/14/20 build of DD-WRT. I tried using the instructions at DD-WRT. > But, am running into problems. What Instructions? If they are telling you to "port forward" or NAT traffic to wards a separate Squid *machine* they are outdated and now wrong. <https://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat> Note that traffic MUST only have the NAT performed on the Squid machine. Any use of DNAT (aka port forwarding) results in the problem you are seeing. Last time I setup devices like DD-WRT the UI only provided a "DMZ server" option. If you cannot do Policy Routing for only the port 80 or 443 traffic on the DD-WRT device then the DMZ equivalent may be used instead. Either way you need correct and separate routing and NAT rules for traffic arriving at the Squid machine to send the appropriate connections to Squid and anything else to its proper destination. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
