I just realized that part 5 minutes ago... Sorry for the nuisance! In my
case I need to use as a proxy a different machine because otherwise I'd
have to set one per client with the same rules, which seems not very
scalable. The final schema would be this:
Client 1 \
Client 2 \
Client 3 -> squid3 server -> internet
Client 4 /
Client 5 /
Also, the server running squid3 as transparent proxy would be under a
different public IP and router than the clients (a remote server...
requirement of my company), and all of them are using just one network
interface. What iptables rules would I need to achieve this scenario?
Thanks!
El 16/07/2014 18:38, babajaga escribió:
>> there is just one network in both the client and server
> side.<
>> On the client side,
> I just added the OUTPUT DNAT iptables rule to make it match the 3128 IP
> and port of the remote server.<
>
> Sorry, I am a bit confused.
> Pls, read carefully:
> #Example for squid and NAT on same machine: !!!!!!!!!!!!!!!!!!!!!!
> iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination
> SQUIDIP:3128
>
> This also means, that client machine (running the browser, transparently)
> and squid-machine are in the same net, and that squid then forwards the
> request
> to the real destination/server.
>
> According to your posts, squid and NAT seem NOT to be on same machine.
>
>
>
>
> --
> View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Three-questions-about-Squid-configuration-tp4666931p4666949.html
> Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Wed Jul 16 2014 - 17:51:02 MDT
This archive was generated by hypermail 2.2.0 : Thu Jul 17 2014 - 12:00:04 MDT