<div dir="ltr"><font face="arial, sans-serif">The problem I am seeing is the intercept port initiates HTTP connection to self-IP instead of the web server IP it gets from the DNS request. <br></font><div><font face="arial, sans-serif"> Filtered Tcpdump screenshot @ </font><a href="https://drive.google.com/open?id=0ByReiwdSAAY_VXBPTjF1M3dYTnBTTnhFVnRocXFveUlNSlNj">https://drive.google.com/open?id=0ByReiwdSAAY_VXBPTjF1M3dYTnBTTnhFVnRocXFveUlNSlNj</a></div><div><br></div><div><font face="arial, sans-serif">Server IP: Eth0: IP<span style="background-color:transparent;white-space:pre-wrap">: <a href="http://172.22.22.148/26" target="_blank">172.22.22.148/26</a> (Same eth0 interface reaches the internet gateway).  </span></font></div><div><div>Configurations for </div><div><font face="trebuchet ms, sans-serif">1) Nat table: </font></div><div><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap">Chain </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);font-weight:700;vertical-align:baseline;white-space:pre-wrap">PREROUTING</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"> (policy ACCEPT 23 packets, 1632 bytes)</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"><br></span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap">num   pkts bytes target     prot opt </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(102,102,234);vertical-align:baseline;white-space:pre-wrap">in</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap">     out     </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(223,83,32);vertical-align:baseline;white-space:pre-wrap">source</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap">               destination         </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"><br></span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap">1       66  3960 REDIRECT   tcp  --  eth0   *       <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>            <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>            tcp dpt:80 /* Redirect http traffic  eth0:80 to eth0:3128 */ redir ports 3128</span><br></div><div><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"><br></span></div><div><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;vertical-align:baseline">Chain </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;font-weight:700;vertical-align:baseline">POSTROUTING</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;vertical-align:baseline"> (policy ACCEPT 0 packets, 0 bytes)</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;vertical-align:baseline"><br></span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;vertical-align:baseline">num   pkts bytes target     prot opt </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;color:rgb(102,102,234);vertical-align:baseline">in</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;vertical-align:baseline">     out     </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;color:rgb(223,83,32);vertical-align:baseline">source</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;vertical-align:baseline">               destination         </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;vertical-align:baseline"><br></span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;vertical-align:baseline">1    13500  856K MASQUERADE  all  --  *      *       <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>            <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>            /*  Allows NAT To happen */</span><br></span></div><div><br></div><div><div><font face="trebuchet ms, sans-serif">2) Mangle table: </font></div></div><div><div><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap">Chain PREROUTING (policy ACCEPT 6180 packets, 519K bytes)</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"><br></span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"> pkts bytes target     prot opt </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(102,102,234);vertical-align:baseline;white-space:pre-wrap">in</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap">     out     </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(223,83,32);vertical-align:baseline;white-space:pre-wrap">source</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap">               destination         </span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"><br></span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"> 1434  148K ACCEPT     tcp  --  any    any     <a href="http://172.22.22.0/24" target="_blank">172.22.22.0/24</a>       anywhere             tcp dpt:http</span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"><br></span><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap">    0     0 DROP       tcp  --  any    any     anywhere             anywhere             tcp dpt:3128</span></div></div></div><div><span style="font-variant-numeric:normal;font-variant-east-asian:normal;background-color:rgb(241,239,238);font-size:11pt;font-family:Consolas,sans-serif;color:rgb(104,97,94);vertical-align:baseline;white-space:pre-wrap"><br></span></div><div><span style="font-variant-numeric:normal;font-variant-east-asian:normal;font-size:11pt;vertical-align:baseline;white-space:pre-wrap"><font face="trebuchet ms, sans-serif" color="#000000">3) Squid.conf </font></span></div><span id="m_-6173782671355874605gmail-m_4710091891605228470gmail-docs-internal-guid-0c346f1c-7fff-86ec-4e80-5ea862c37126"><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">http_port <a href="http://172.22.22.148:3128/" target="_blank">172.22.22.148:3128</a> intercept</span></p><p dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">https_port <a href="http://172.22.22.148:3129/" target="_blank">172.22.22.148:3129</a> intercept ssl-bump cert=/etc/squid/ssl_certs/myCA.pem generate-host-certificates=on</span></p></span><div>Complete squid.conf file @ <a href="https://pastebin.com/gG8pYpLF" target="_blank">https://pastebin.com/gG8pYpLF</a>. <br></div><div><br></div><div>Please let me know if I am missing some conf or the next steps I should try to get this running. </div><div><br></div><div>Thanks!</div></div>