[squid-users] Squid 4.8+ intercept

Thu Aug 18 03:08:35 UTC 2022

Hello Rafael,

Thank you for your reply. The key problem in my case is that I'm using
a complex NAT/Mangle setup, with too many decisions to be made. When I
finally succeeded, I was able to pin-point the glitch in my setup:
"Ensure NAT Rule is Applied to WAN Interface Only" in your excellent
guide.

Since I'm unable to do that in my setup, I used a better and more safe
approach: just create a nat rule that will ACCEPT traffic from
intercepted clients with no further action, and place it well enough
higher in the nat rule-chain so it basically skips regular nat.

Thank you for the excellent guide.

All best,
K

On Tue, Aug 9, 2022 at 10:54 PM Rafael Akchurin
<rafael.akchurin at diladele.com> wrote:
>
> Hello K,
>
> We use https://docs.diladele.com/tutorials/mikrotik_transparent_squid/index.html
>
> Best regards,
> Rafael
>
> Op 9 aug. 2022 om 21:29 heeft M K <mohammed.khallaf at gmail.com> het volgende geschreven:
>
> 
> Hello,
>
> I have a setup like this one:
>
> | Client | =====> | Router | =====> Internet
>                      ||
>                      \/
>                   | Squid |
>
> ...the router is a Mikrotik router capable of all things NAT/Redirect and whatnot. Squid server has only one network interface.
> Using the router:
> - I tried routing traffic to squid server IP.
> - I tried destination-NATing from client to server IP, with origin server IP-and-port natted to squid IP-and-port, and with origin server IP-only natted to squid-IP.
>
> I have been struggling for 2 days to setup a working Squid 4.8 or higher interception.
> Test server is running Ubuntu 18.4.3 and Squid 4.8.
> Documentation is either too much trim or extremely outdated.
> Any help would be very much appreciated.
>
> All best,
> K
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users