Hello Rafael, Thank you for your reply. The key problem in my case is that I'm using a complex NAT/Mangle setup, with too many decisions to be made. When I finally succeeded, I was able to pin-point the glitch in my setup: "Ensure NAT Rule is Applied to WAN Interface Only" in your excellent guide. Since I'm unable to do that in my setup, I used a better and more safe approach: just create a nat rule that will ACCEPT traffic from intercepted clients with no further action, and place it well enough higher in the nat rule-chain so it basically skips regular nat. Thank you for the excellent guide. All best, K On Tue, Aug 9, 2022 at 10:54 PM Rafael Akchurin <rafael.akchurin@xxxxxxxxxxxx> wrote: > > Hello K, > > We use https://docs.diladele.com/tutorials/mikrotik_transparent_squid/index.html > > Best regards, > Rafael > > Op 9 aug. 2022 om 21:29 heeft M K <mohammed.khallaf@xxxxxxxxx> het volgende geschreven: > > > Hello, > > I have a setup like this one: > > | Client | =====> | Router | =====> Internet > || > \/ > | Squid | > > ...the router is a Mikrotik router capable of all things NAT/Redirect and whatnot. Squid server has only one network interface. > Using the router: > - I tried routing traffic to squid server IP. > - I tried destination-NATing from client to server IP, with origin server IP-and-port natted to squid IP-and-port, and with origin server IP-only natted to squid-IP. > > I have been struggling for 2 days to setup a working Squid 4.8 or higher interception. > Test server is running Ubuntu 18.4.3 and Squid 4.8. > Documentation is either too much trim or extremely outdated. > Any help would be very much appreciated. > > All best, > K > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
