[squid-users] Mikrotik and Squid Transparent
Amos Jeffries
squid3 at treenet.co.nz
Sun Jun 28 11:11:13 UTC 2015
On 28/06/2015 10:37 p.m., Dalmar wrote:
> To begin with, thank you Marcel,Alex and Amos for your help guys i am
> really so close because of you. I have done exactly what Marcel told me and
> now all transparent/intercept errors are gone. It worked nicely when i used
> two mikrotiks one for WAN and the other for the LAN connection, however,
> when i use one mikrotik it says TCP_MISS_ABORTED and NONE_ABORTED. In this
> situation ,squid gets internet from the MK LAN port using a public IP and i
> can ping the net, but squid throws the above error in the access.log. The
> topo i wanna use is INTERNET >>MK >> SQUID .
> i think the iptable rules will change.The Mikrotik have 3 NICS now , but i
> can add 1 more so it becomes eth0:WAN eth1:LAN eth2:PROXY-LAN
> eth3:PROXY-WAN .
You should not need extra NICs for this. The Mikrotik rules just need to
distinguish the flows clearly.
a) LAN->WAN dst port TCP/80 use gateway eth2
b) *->WAN use gateway eth0
c) *->Squid use gateway eth2
d) *->LAN use gateway eth1
>
> NB: it says Your message to squid-users awaits moderator approval , Message
> body is too big ,for all my replays! so sorry for the delay.
NP: We have a 40KB size limit on posts to these lists. Moderation for
others and the moderators procrastinate.
Amos
More information about the squid-users
mailing list