Is it possible to use squid in same ip subnet with WAN IP? Iptables Squid port problem.
I have Squid machines; they all have 2 NICs:

Modem --> eth0(192.168.1.0/24) Squid eth1(192.168.2.0/24) --> LocalSwitch

But recently, programmers requested that I use the same IP subnet for the two NICs. Ex:

Modem(192.168.1.2)------->eth0(192.168.1.3)Squid eth1(192.168.1.20)------->LocalSwitch

Before this request, my iptables rules were:

#!/bin/bash
# NAT everything leaving through the modem-side interface
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# HTTP arriving on the LAN side goes to 192.168.2.10:3128
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.10:3128
# HTTP arriving on eth0 is redirected to local port 3128
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-port 3128

But this is not working anymore and I have trouble writing a new iptables script. How can I do that? Can you help me with this? Thanks in advance.
That's not possible, as your squid box would no longer be being used as the route between the client and the internet. As you've got (HORRIBLE) transparent proxying, you have to contrive a routing layout so that you see that traffic and intercept it. You'd have to do some weird stuff to make the clients route to your machine and then back out again the same interface to the net.
This is all horrible. Best advice is to rip out the transparent rules and just tell them to hit the proxy directly.
I thought so, too.
Thanks a lot. I will explain this to my manager.