Hi,
Here is quick info on my environment -
I have a CentOS 5.3 box server as firewall/gateway/router.
It has two interfaces
eth0 - public internetIP
eth1 - internal network IP (10.9.32.1)
The server hands out DHCP to all clients, and the server is the gateway.
I have installed squid proxy, and configured it to allow the local subnet, and added transparent option.
I added this to my iptables
# http proxy redirect
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.9.32.1:3128
-A POSTROUTING -o eth0 -j MASQUERADE
The transparent caching now appears to work. However I came across this article which says this: "WARNING: This method of interception is not recommended. There are other methods such as Proxy.PAC and http_proxy environment variable which are as effective and less intrusive when multiple clients are involved."
http://wiki.squid-cache.org/ConfigEx...rcept/AtSource
So I am trying to find the better way to do this. This is what I have come up with so far but does not seem to be working:
-A PREROUTING -i eth0 -p tcp --dport 80 -j ACCEPT
-A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
-A POSTROUTING -o eth0 -j MASQUERADE
Is this correct? Does anyone have better suggestions on how to do this?
Thanks.