Hi there,
I just finished setting up a proxy machine that runs in a separate box from the gw.
I have the following iptables rules:
on squid box
Code:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
on gw
Code:
iptables -t nat -A PREROUTING -i eth1 ! -s 10.5.5.121 -p tcp --dport 80 -j DNAT --to 10.5.5.121:3128
iptables -t nat -A POSTROUTING -o eth1 -s 10.5.5.0/24 -d 10.5.5.121 -j SNAT --to 10.5.5.1
iptables -A FORWARD -s 10.5.5.0/24 -d 10.5.5.121 -i eth1 -o eth1 -p tcp --dport 3128 -j ACCEPT
Everything appears to function right, except for the fact that all the entries in the squid log appear as if they're coming from the gw IP 10.5.5.1.
Here's an example:
Code:
1282549242.411 74219 10.5.5.1 TCP_MISS/200 285 GET http://stork33.dropbox.com/subscribe? - DIRECT/208.43.202.34 text/html
1282549316.634 74218 10.5.5.1 TCP_MISS/200 285 GET http://stork33.dropbox.com/subscribe? - DIRECT/208.43.202.34 text/html
1282549390.883 74244 10.5.5.1 TCP_MISS/200 285 GET http://stork33.dropbox.com/subscribe? - DIRECT/208.43.202.34 text/html
1282549465.092 74205 10.5.5.1 TCP_MISS/200 285 GET http://stork33.dropbox.com/subscribe? - DIRECT/208.43.202.34 text/html
My question is: how can I modify the iptables rules so that they forward the real IPs the requests originate from?
Thanks in advance.
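One way to keep the real client address, as an added example that is not from the post: drop the SNAT rule on the gw and instead have the squid box policy-route its port 3128 replies back through the gw, so the gw can reverse its own DNAT. It reuses the addresses and interfaces from the post; the routing table number and fwmark value are assumptions, and commands are only echoed unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example (not from the original post): gw DNAT without SNAT, plus
# policy routing on the squid box so replies go back via the gw.
# Assumed from the post: gw LAN interface eth1 / 10.5.5.1, LAN 10.5.5.0/24,
# squid box eth0 / 10.5.5.121 with Squid on port 3128.
GW_IF=eth1; GW_IP=10.5.5.1; LAN=10.5.5.0/24
SQUID_IF=eth0; SQUID_IP=10.5.5.121; SQUID_PORT=3128
RT_TABLE=100; FWMARK=1   # assumed: any unused routing table id / mark value

# Echo each command for review; only execute when APPLY=1 is set (needs root).
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# gw side: DNAT as in the post, but no SNAT, so the client IP is preserved.
gw_rules() {
    # Send LAN web traffic (except the proxy's own) to Squid.
    run iptables -t nat -A PREROUTING -i "$GW_IF" ! -s "$SQUID_IP" \
        -p tcp --dport 80 -j DNAT --to-destination "$SQUID_IP:$SQUID_PORT"
    # Allow the hair-pinned forward (in and out on eth1) in both directions.
    run iptables -A FORWARD -i "$GW_IF" -o "$GW_IF" -s "$LAN" -d "$SQUID_IP" \
        -p tcp --dport "$SQUID_PORT" -j ACCEPT
    run iptables -A FORWARD -i "$GW_IF" -o "$GW_IF" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
    # The gw forwards packets back out the interface they arrived on; stop it
    # from telling clients to bypass it with ICMP redirects.
    run sysctl -w "net.ipv4.conf.$GW_IF.send_redirects=0"
}

# squid box side: packets Squid sends from port 3128 are marked and routed
# via the gw instead of straight to the client on the same LAN, so the gw's
# conntrack can undo the DNAT before the client sees the reply.
squid_rules() {
    run iptables -t mangle -A OUTPUT -p tcp --sport "$SQUID_PORT" \
        -j MARK --set-mark "$FWMARK"
    run ip rule add fwmark "$FWMARK" table "$RT_TABLE"
    run ip route add default via "$GW_IP" dev "$SQUID_IF" table "$RT_TABLE"
}

case "${1:-}" in
    gw)    gw_rules ;;
    squid) squid_rules ;;
esac
```

Run `sh script.sh gw` on the gw and `sh script.sh squid` on the proxy box; the existing REDIRECT rule on the squid box is not touched, and with the SNAT gone the squid access log should record each client's own address instead of 10.5.5.1.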