Mailing List Archive

Semi-working of redirect rule
Hi.

I'm using Linux 2.4.4 as a router for my users to reach the Internet.
I've implemented a transparent proxy (squid). For that reason I have
two NAT netfilter entries:

Chain PREROUTING (policy ACCEPT)
target     prot opt source       destination
ACCEPT     tcp  --  0.0.0.0/0    62.xx.xx.xx/28     tcp dpt:80
REDIRECT   tcp  --  0.0.0.0/0    !192.168.0.0/16    tcp dpt:80 redir ports 3128

In this way I'm telling my Linux box to forward all www connections
through our proxy (running on port 3128 of the local machine) except
those directed to 62.xx.xx.xx/28 or 192.168.0.0/16.

Well, this does the trick. I can see squid correctly working and
logging www accesses.

Nevertheless, *sometimes* my www packets are not redirected but
are instead sent directly to the Internet. Why??? Could it be
due to high traffic?

Thanks.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
** RoMaN SoFt / LLFB **
roman@madrid.com
http://pagina.de/romansoft
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
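
Added example, not part of the original post: a small first-match evaluator for the two PREROUTING rules listed above, to check which destinations the rule set as written redirects to port 3128. The prefix 203.0.113.0/28 is a constructed placeholder for the elided 62.xx.xx.xx/28, the function names are hypothetical, and the model covers rule matching only, not connection tracking (the nat table is consulted only for the first packet of a connection).

```python
import ipaddress

# Constructed stand-in for the post's listing; 203.0.113.0/28 (documentation
# range) replaces the elided 62.xx.xx.xx/28 and is an assumption.
LISTING = """\
ACCEPT     tcp  --  0.0.0.0/0  203.0.113.0/28   tcp dpt:80
REDIRECT   tcp  --  0.0.0.0/0  !192.168.0.0/16  tcp dpt:80 redir ports 3128
"""

def parse_rules(listing):
    """Turn `iptables -t nat -L -n` rule lines into match dictionaries."""
    rules = []
    for line in listing.splitlines():
        f = line.split()
        if len(f) < 5:
            continue
        target, proto, _opt, src, dst = f[:5]
        extra = f[5:]
        dport = next((int(x[4:]) for x in extra if x.startswith("dpt:")), None)
        to_port = int(extra[-1]) if "redir" in extra else None
        rules.append({
            "target": target, "proto": proto,
            "src": ipaddress.ip_network(src),
            "dst_negated": dst.startswith("!"),
            "dst": ipaddress.ip_network(dst.lstrip("!")),
            "dport": dport, "to_port": to_port,
        })
    return rules

def verdict(rules, proto, src, dst, dport):
    """First matching rule wins; no match falls through to policy ACCEPT."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        in_dst = d in r["dst"]
        if (r["proto"] == proto and s in r["src"]
                and in_dst != r["dst_negated"]      # honours the "!" negation
                and r["dport"] in (None, dport)):
            if r["target"] == "REDIRECT":
                return ("REDIRECT", r["to_port"])
            return (r["target"], dport)             # left untranslated
    return ("ACCEPT", dport)

RULES = parse_rules(LISTING)
```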