why dont you use the interception\transparent mode instead of TPROXY?
for your setup it seems just the perfect idea.
i'm using a range setup like this:
-A PREROUTING -p tcp -m tcp -m iprange ! -d 192.168.0.0/16 -i eth1
--dport 80 -j REDIRECT --to-ports 3128 --src-range
192.168.0.0-192.168.0.190
with
http_port 192.168.0.1:3128 intercept
and it works like a charm.
Regards
Eliezer
On 13/12/2011 14:53, Saleh Madi wrote:
> Thanks Marcello for your reply, we have linux pppoe server work for 1000
> clients , how I can use the WPAD (web proxy autodiscovery protocol) for
> them.
>
> Thanks and Best Regards,
> Saleh
>
>> Il 13/12/2011 13:14, Saleh Madi ha scritto:
>>> Thanks Henrik for your reply, but when you have 1000 clients , its
>>> difficult to lit all clients to configure there browser with proxy, I
>>> think the redirect rule via policy based routing or other redirect
>>> method
>>> is easy than the configuration of the client bowser , have you any idea
>>> what the best to do for the 1000 clients.
>>>
>>> Thanks and Best Regards,
>>> Saleh
>>>
>>
>> My 2 (euro) cents, FWIW:
>>
>> - WPAD (web proxy autodiscovery protocol)
>> - if you're using active directory, take advantage of group policy (GPO)
>>
>> Google Is You Friend (TM)
>>
>> :-)
>>
>> --
>> Marcello Romani
>>
>
>
Received on Tue Dec 13 2011 - 14:20:50 MST
This archive was generated by hypermail 2.2.0 : Wed Dec 14 2011 - 12:00:03 MST