Old 09-27-2008, 06:20 PM   #1
LQ Newbie
Registered: Sep 2008
Location: poland
Distribution: slackware, ubuntu, freebsd
Posts: 2

Rep: Reputation: Disabled
squid - hosts addresses

hello everybody

i recently added a transparent proxy server in my local network (running on a separate box, freebsd);
all the traffic is redirected by router to this machine;
some users have the browser manually configured (pointed to the proxy), others do not;

everything works fine except for one thing;

i can see (in squid access.log) only the ip addresses of those hosts that have the browsers manually configured, the rest i see with the address of the router (;

now i suppose that the problem is in the iptables rules (have to admit i'm not best in this field)

here is my firewall

router -
squid -

echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/modprobe iptable_filter
/sbin/modprobe ip_conntrack
/sbin/modprobe iptable_nat
/sbin/modprobe ipt_MASQUERADE
/sbin/modprobe ipt_REDIRECT
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_nat_irc
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_conntrack_irc

/sbin/iptables -F -t nat
/sbin/iptables -X -t nat
/sbin/iptables -F -t filter
/sbin/iptables -X -t filter
/sbin/iptables -t filter -P FORWARD DROP
/sbin/iptables -t filter -P OUTPUT ACCEPT
/sbin/iptables -t filter -P INPUT DROP
/sbin/iptables -t filter -A FORWARD -s -d 0/0 -j ACCEPT
/sbin/iptables -t filter -A FORWARD -d -s 0/0 -j ACCEPT
/sbin/iptables -t filter -A INPUT -j ACCEPT
## here all traffic is redirected to squid
/sbin/iptables -t nat -A PREROUTING -i eth1 -s ! -p tcp --dport 80 -j DNAT --to
/sbin/iptables -t nat -A POSTROUTING -o eth1 -s -d -j SNAT --to
/sbin/iptables -A FORWARD -s -d -i eth1 -o eth1 -p tcp --dport 8080 -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j SNAT -s -d 0/0 --to $MY_IP

1222405889.735    131 TCP_MISS/200 2614 GET - DIRECT/217.17$
1222405889.751    132 TCP_MISS/200 1863 GET - DIRECT/$
1222405889.758   5174 TCP_REFRESH_MISS/200 8246 GET - DIRECT/ text/xml
1222405890.271   1336 TCP_MISS/200 1708 GET - DIRECT/ imag$
1222405890.749    486 TCP_MISS/200 8750 GET - DIRECT/217.17.42.$
1222405893.198   2472 TCP_MISS/206 224342 GET - DIRECT/217.17.4$
1222405909.916    274 TCP_MISS/200 3398 GET - DIRECT/ text/html
1222405910.890    420 TCP_MISS/200 396 HEAD - DIRECT/87.$
1222405911.532    496 TCP_MISS/200 383 HEAD - DIRECT/65.55.13$
1222405911.651     77 TCP_MISS/200 396 HEAD$
1222405911.944    289 TCP_MISS/200 25479 GET$
1222405912.815      4 TCP_MEM_HIT/200 395 HEAD - NONE/- $
1222405918.268    112 TCP_MISS/301 590 GET - DIRECT/ text/html
1222405918.575    303 TCP_MISS/200 11434 GET - DIRECT/ text/html
1222405919.413    493 TCP_MISS/200 7537 GET - DIRECT/ text/css
1222405919.639    226 TCP_MISS/200 5386 GET - DIRECT/ application/x-javascript
1222405919.838    197 TCP_MISS/200 2131 GET - DIRECT/ image/gif
1222405919.866    617 TCP_MISS/200 3537 GET - DIRECT/ $
1222405920.128      0 TCP_DENIED/403 1444 GET - NONE/- text/html
you can see:
- and - direct connection;
- - others (through router);

i'd appreciate any help;
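
To measure the symptom described above, the following added example (not part of the original post) tallies a Squid native-format access.log by the client address in field 3 and counts the requests logged with the router's address, which is what the POSTROUTING SNAT rule on traffic sent to the proxy produces. The sample log lines and all addresses (192.0.2.1 for the router, 192.0.2.10 and 192.0.2.11 for LAN hosts) are constructed placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: per-client request counts from a Squid native access.log.
# Native format fields: time elapsed client code/status bytes method URL
#                       ident hierarchy/peer content-type

# Constructed sample input; addresses are documentation placeholders.
sample_log() {
cat <<'EOF'
1222405889.735    131 192.0.2.1 TCP_MISS/200 2614 GET http://example.com/ - DIRECT/198.51.100.7 text/html
1222405889.751    132 192.0.2.10 TCP_MISS/200 1863 GET http://example.com/a.css - DIRECT/198.51.100.7 text/css
1222405890.271   1336 192.0.2.1 TCP_MISS/200 1708 GET http://example.org/i.gif - DIRECT/198.51.100.9 image/gif
1222405912.815      4 192.0.2.11 TCP_MEM_HIT/200 395 HEAD http://example.org/ - NONE/- text/html
1222405920.128      0 192.0.2.1 TCP_DENIED/403 1444 GET http://example.net/ - NONE/- text/html
EOF
}

# tally_clients ROUTER_IP < access.log
# Prints "address count" per client and marks the router's address, behind
# which the real clients are hidden by the source NAT.
tally_clients() {
    awk -v router="$1" '
        NF >= 10 { n[$3]++ }          # skip truncated or malformed lines
        END {
            for (ip in n)
                printf "%s %d%s\n", ip, n[ip],
                       (ip == router ? " <- router address (client hidden by NAT)" : "")
        }' | sort
}

# masked_count ROUTER_IP < access.log
# Prints the number of requests whose logged client is the router itself.
masked_count() {
    awk -v router="$1" 'NF >= 10 && $3 == router { c++ } END { print c + 0 }'
}

# Stand-alone run on the constructed sample.
sample_log | tally_clients 192.0.2.1
echo "requests logged with router address: $(sample_log | masked_count 192.0.2.1)"
```

Run `tally_clients ROUTER_IP < /path/to/access.log` before and after changing the NAT rules; the router's count should drop once the proxy sees real client addresses.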

Old 09-27-2008, 11:57 PM   #2
Senior Member
Registered: Apr 2004
Location: Brisbane, Australia
Distribution: pclinuxos slackware64 tails kali
Posts: 3,382
Blog Entries: 33

Rep: Reputation: 217Reputation: 217Reputation: 217
It may be a combination of both, I use squid and iptables to control my network.

I have found these pages invaluable...

in particular, squid...

and iptables...

The only machine I have with a "browser" setting "to proxy" is the firewalled-gateway (fwgw). The others are just "connected directly to the internet"

My fwgw sys, ppp0=ext eth0=int

cheers, Glenn


All times are GMT -5.