[squid-users] Unsuccessful at using Squid v4 with intercept

FOUTREL Sébastien sfoutrel at ecritel.net
Wed Oct 30 16:11:29 UTC 2019

Hello, I would like to use squid as a transparent proxy for my users.

My platform is pretty simple 😃

"Clients" are behind a Debian "Router" which MASQUERADE them (as they use RFC 1918 ips).

I have a Squid 4.6 from Debian Buster packages installed on a "Proxy" server which is outside my network.

I read a lot of tutorials and examples from squid site...

I Applied a DNAT to trafic coming from Clients thru Router to Proxy.

iptables -tnat -A PREROUTING -i LAN_3500 -p tcp -m tcp --dport 80 -j DNAT --to-destination <Proxy>:3129

HTTP is coming to squid successfully but squid logs show a request coming from proxy himself and a request coming from Router (as Clients are NATed by Router)

if I allow in squid.conf the Proxy IP, I end up with a Forward loop...

I also tried the tproxy scenario with no success.

I'd really like some help.

Thanks !

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20191030/e8f0743b/attachment.html>

More information about the squid-users mailing list