<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
-----BEGIN PGP SIGNED MESSAGE----- <br>
Hash: SHA256 <br>
<br>
Once more: You are really absolutely sure you talking about Squid's
transparent interception proxy?<br>
<br>
Well, let's open Squid's wiki:<br>
<br>
<a class="moz-txt-link-freetext" href="http://wiki.squid-cache.org/ConfigExamples/Intercept">http://wiki.squid-cache.org/ConfigExamples/Intercept</a><br>
<br>
Please, read to us latest statement on this screenshot:<br>
<br>
<a class="moz-txt-link-freetext" href="https://i1.someimage.com/uKbfdot.png">https://i1.someimage.com/uKbfdot.png</a><br>
<br>
27.10.2016 23:55, Eliezer Croitoru пишет:<br>
<span style="white-space: pre;">> Well this is the most efficient
and less risker way.<br>
> I do not know MikroTik enough to the hardware but it has a
routing engine so... routing policy.<br>
> In the past I wrote about it somewhere with details
instructions on how to do it in a mikrotik.<br>
><br>
> Eliezer <br>
><br>
> ----<br>
> Eliezer Croitoru<br>
> Linux System Administrator<br>
> Mobile: +972-5-28704261<br>
> Email: <a class="moz-txt-link-abbreviated" href="mailto:eliezer@ngtech.co.il">eliezer@ngtech.co.il</a><br>
><br>
><br>
> -----Original Message-----<br>
> From: squid-users
[<a class="moz-txt-link-freetext" href="mailto:squid-users-bounces@lists.squid-cache.org">mailto:squid-users-bounces@lists.squid-cache.org</a>] On Behalf Of
Yuri Voinov<br>
> Sent: Thursday, October 27, 2016 20:51<br>
> To: <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
> Subject: Re: [squid-users] Transparent and non Transparent at
the same time<br>
><br>
><br>
> You absolutely sure, Eliezier? :)<br>
><br>
><br>
> 27.10.2016 23:46, Eliezer Croitoru пишет:<br>
> > You need routing policy not DNAT.<br>
><br>
> > Eliezer<br>
><br>
> > ----<br>
> > Eliezer Croitoru<br>
> > Linux System Administrator<br>
> > Mobile: +972-5-28704261<br>
> > Email: <a class="moz-txt-link-abbreviated" href="mailto:eliezer@ngtech.co.il">eliezer@ngtech.co.il</a><br>
><br>
><br>
> > -----Original Message-----<br>
> > From: squid-users
[<a class="moz-txt-link-freetext" href="mailto:squid-users-bounces@lists.squid-cache.org">mailto:squid-users-bounces@lists.squid-cache.org</a>]<br>
> On Behalf Of erdosain9<br>
> > Sent: Thursday, October 27, 2016 19:08<br>
> > To: <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
> > Subject: Re: [squid-users] Transparent and non
Transparent at the same<br>
> time<br>
><br>
> > Ok... but i have this problem<br>
><br>
> > ERROR: NAT/TPROXY lookup failed to locate original IPs
on<br>
> > local=192.168.1.15:3130 remote=192.168.1.1:52090 FD 14
flags=33<br>
><br>
> > ...<br>
> > I put some dstnat in Mikrotik (192.168.1.1)<br>
><br>
><br>
> > ip firewall nat add chain=dstnat src-add=192.168.1.121
protocol=tcp<br>
> > dst-port=80 action=dst-nat<br>
> > to-addresses=192.168.1.20 to-ports=3129<br>
><br>
> > ERROR: NAT/TPROXY lookup failed to locate original IPs
on<br>
> > local=192.168.1.20:3129 remote=192.168.1.1:52153 FD 14
flags=33<br>
> > 2016/10/27 14:01:43 kid1| ERROR: NF
getsockopt(ORIGINAL_DST) failed on<br>
> > local=192.168.1.215:3129 remote=192.168.1.1:52154 FD 14
flags=33: (92)<br>
> Protocol not available<br>
><br>
> > I dont have iptables or firewalld... im using Centos...
is necessary<br>
> enable firewalld or iptables???<br>
><br>
><br>
> > im using the PC (192.168.1.121 for test) Thanks<br>
><br>
><br>
><br>
> > --<br>
> > View this message in context:<br>
>
<a class="moz-txt-link-freetext" href="http://squid-web-proxy-cache.1019090.n4.nabble.com/Transparent-and-non-Transparent-at-the-same-time-tp4680309p4680330.html">http://squid-web-proxy-cache.1019090.n4.nabble.com/Transparent-and-non-Transparent-at-the-same-time-tp4680309p4680330.html</a><br>
> > Sent from the Squid - Users mailing list archive at
Nabble.com.<br>
> > _______________________________________________<br>
> > squid-users mailing list<br>
> > <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
> > <a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a><br>
><br>
> > _______________________________________________<br>
> > squid-users mailing list<br>
> > <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
> > <a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a><br>
><br>
><br>
></span><br>
<br>
- -- <br>
Cats - delicious. You just do not know how to cook them.<br>
-----BEGIN PGP SIGNATURE-----
<br>
Version: GnuPG v2
<br>
<br>
iQEcBAEBCAAGBQJYEkA9AAoJENNXIZxhPexG6SQH/3KfdIijTUfo9P+gIAr/RRq4
<br>
ph8xJbzoLsxTBT+3TXdO4dTm0g9WJev7ZzJfKe0GcZsKWah6XSIzgYivm7HVFJ1Q
<br>
z2r1FC5ofyfIgLB66a1wXtAe+RDwbsIH5/LIEcQPEcdYbCdU5ELE/Z/iJ2v89YjZ
<br>
73TWJYCZOCgCehUfMvkR+cfnqZP8jl+BxvnPPdfAwYjWEyIJRVwgHYWsfYXt3EuM
<br>
2+I6m5IXOwjFPzxIM4OEOmGl3e8jrCUCfk6ao11zxGLux5wmsPYb/NJXh9wQyr0n
<br>
fld7PAS8ijeqIReZf7MYy2M8kgoSkWRr31o2TMnKRtL10p6EZB59tho5EByD5m0=
<br>
=YqFK
<br>
-----END PGP SIGNATURE-----
<br>
<br>
</body>
</html>