[squid-users] Transparent-SSL and Iptables
Amos Jeffries
squid3 at treenet.co.nz
Sun Feb 5 10:30:30 UTC 2023
On 5/02/2023 5:06 pm, Allan Raymond Ignacio wrote:
> # Interface connected to LAN
> LAN_IN="eth1"
>
...
> # DNAT port 80 request comming from LAN systems to squid 3129
> ($SQUID_PORT) aka transparent proxy (http)
> iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 80 -j DNAT
> --to $SQUID_SERVER:$SQUID_PORT
>
> # DNAT port 443 request comming from LAN systems to squid 3130
> ($SQUID_PORTS) aka transparent proxy (https)
> iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 443 -j DNAT
> --to $SQUID_SERVER:$SQUID_PORTS
The above two rules are only sending traffic arriving from $LAN_IN to be
NAT'd to Squid.
Removing the -i parameter should fix the issue.
Cheers
Amos
More information about the squid-users
mailing list