[squid-users] Transparent and non Transparent at the same time

Thu Oct 27 17:58:21 UTC 2016

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Once more: You are really absolutely sure you talking about Squid's
transparent interception proxy?

Well, let's open Squid's wiki:

http://wiki.squid-cache.org/ConfigExamples/Intercept

Please, read to us latest statement on this screenshot:

https://i1.someimage.com/uKbfdot.png

27.10.2016 23:55, Eliezer Croitoru пишет:
> Well this is the most efficient and less risker way.
> I do not know MikroTik enough to the hardware but it has a routing
engine so... routing policy.
> In the past I wrote about it somewhere with details instructions on
how to do it in a mikrotik.
>
> Eliezer
>
> ----
> Eliezer Croitoru
> Linux System Administrator
> Mobile: +972-5-28704261
> Email: eliezer at ngtech.co.il
>
>
> -----Original Message-----
> From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org]
On Behalf Of Yuri Voinov
> Sent: Thursday, October 27, 2016 20:51
> To: squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] Transparent and non Transparent at the same
time
>
>
> You absolutely sure, Eliezier? :)
>
>
> 27.10.2016 23:46, Eliezer Croitoru пишет:
> > You need routing policy not DNAT.
>
> > Eliezer
>
> > ----
> > Eliezer Croitoru
> > Linux System Administrator
> > Mobile: +972-5-28704261
> > Email: eliezer at ngtech.co.il
>
>
> > -----Original Message-----
> > From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org]
> On Behalf Of erdosain9
> > Sent: Thursday, October 27, 2016 19:08
> > To: squid-users at lists.squid-cache.org
> > Subject: Re: [squid-users] Transparent and non Transparent at the same
> time
>
> > Ok... but i have this problem
>
> >  ERROR: NAT/TPROXY lookup failed to locate original IPs on
> > local=192.168.1.15:3130 remote=192.168.1.1:52090 FD 14 flags=33
>
> > ...
> > I put some dstnat in Mikrotik (192.168.1.1)
>
>
> > ip firewall nat add chain=dstnat src-add=192.168.1.121 protocol=tcp
> > dst-port=80  action=dst-nat
> > to-addresses=192.168.1.20 to-ports=3129
>
> > ERROR: NAT/TPROXY lookup failed to locate original IPs on
> > local=192.168.1.20:3129 remote=192.168.1.1:52153 FD 14 flags=33
> > 2016/10/27 14:01:43 kid1| ERROR: NF getsockopt(ORIGINAL_DST) failed on
> > local=192.168.1.215:3129 remote=192.168.1.1:52154 FD 14 flags=33: (92)
> Protocol not available
>
> > I dont have iptables or firewalld... im using Centos... is necessary
> enable firewalld or iptables???
>
>
> > im using the PC (192.168.1.121 for test) Thanks
>
>
>
> > --
> > View this message in context:
>
http://squid-web-proxy-cache.1019090.n4.nabble.com/Transparent-and-non-Transparent-at-the-same-time-tp4680309p4680330.html
> > Sent from the Squid - Users mailing list archive at Nabble.com.
> > _______________________________________________
> > squid-users mailing list
> > squid-users at lists.squid-cache.org
> > http://lists.squid-cache.org/listinfo/squid-users
>
> > _______________________________________________
> > squid-users mailing list
> > squid-users at lists.squid-cache.org
> > http://lists.squid-cache.org/listinfo/squid-users
>
>
>

- -- 
Cats - delicious. You just do not know how to cook them.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJYEkA9AAoJENNXIZxhPexG6SQH/3KfdIijTUfo9P+gIAr/RRq4
ph8xJbzoLsxTBT+3TXdO4dTm0g9WJev7ZzJfKe0GcZsKWah6XSIzgYivm7HVFJ1Q
z2r1FC5ofyfIgLB66a1wXtAe+RDwbsIH5/LIEcQPEcdYbCdU5ELE/Z/iJ2v89YjZ
73TWJYCZOCgCehUfMvkR+cfnqZP8jl+BxvnPPdfAwYjWEyIJRVwgHYWsfYXt3EuM
2+I6m5IXOwjFPzxIM4OEOmGl3e8jrCUCfk6ao11zxGLux5wmsPYb/NJXh9wQyr0n
fld7PAS8ijeqIReZf7MYy2M8kgoSkWRr31o2TMnKRtL10p6EZB59tho5EByD5m0=
=YqFK
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161027/ffa49c40/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x613DEC46.asc
Type: application/pgp-keys
Size: 2437 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161027/ffa49c40/attachment.key>