Hi,

I'm trying to set up a transparent proxy on a machine behind my firewall. I followed the instructions given here: http://www.faqs.org/docs/Linux-mini/...tProxy.html#s7 (the first method) but using lynx on a machine in the local net I can't get out.

I know the squid box is working fine, before and after I modify the firewall rules I can connect to squid if I specify the proxy in the client. However, if I don't specify a proxy, lynx (checked links too) just hangs on loading the page.

Here is the relevant portion of my firewall config script:

IPTABLES=/usr/sbin/iptables
EXTIF="eth0"
INTIF="eth1"
SQUIDIP="192.168.0.2"
INTNET="192.168.0.0/24"
INTIP="192.168.0.1"

$IPTABLES -t nat -A PREROUTING -i $INTIF -s \! $SQUIDIP -p tcp -d $UNIVERSE --dport 80 -j DNAT --to-destination $SQUIDIP:8080

$IPTABLES -t nat -A POSTROUTING -o $INTIF -s $INTNET -d $SQUIDIP -j SNAT --to $SQUIDIP

iptables -A FORWARD -s $INTNET -d $SQUIDIP -i $INTIF -o $INTIF -p tcp --dport 8080 -j ACCEPT

I echoed both of these lines and they look ok to me. I run them and don't get any errors.

To recap the observed behavior:
Before I execute the lines above
- links www.google.com (works fine)
- links www.google.com (manually specify proxy, works fine)
After I execute the lines above
- links www.google.com (does not work)
- links www.google.com (manually specify proxy, works fine)

I need to get that third case working. Any suggestions?

Thanks,

Mark

I just thought to check that I can get from the firewall to the proxy. That works fine too, the firewall machine can connect to port 8080 on the proxy. So I'm still stuck.

Mark