I have a router running DD-WRT and I needed to
do transparent proxy for local network clients
where client port 80 requests that show up at
the router end up being sent to the CentOS
server running Squid also on the local network.
I got everything configured and running nicely
and I was looking at the Squid logs on the
CentOS server with a "tail -f
/var/log/squid/access.log" while thinking about
the next step of configuring and running
SquidGuard and I noticed something that seems
odd. All of the source IPs for all of the log
entries flying by for all the different
workstations are the IP of the router, not the
individual workstations. Here is the page with
the iptables instructions I used:
http://www.dd-wrt.com/wiki/index.php/Squid_Transparent_Proxy
(works very well, note that you have to escape
the variable references as well as the dbl
quotes as mentioned to get it into the DD-WRT
firewall)
In SquidGuard I will want to have the ability to
fashion acl rules by IP number but as things are
now all SquidGuard is going to see is the source
IP which is always the router IP where the
workstations got NAT'd...
e.g.
1192406978.122 80 192.168.84.1 TCP_MISS/200 3388 GET http:// ... DIRECT/... image/jpeg
1192407186.460 9 192.168.84.1 TCP_MEM_HIT/200 1410 GET http://... NONE/... image/png
(every single entry is of source 192.168.84.1,
the IP of the router)
Anyone have any thoughts/tips on how to send the
IP of the originating workstation to Squid
rather than being NAT'd and showing up at Squid
with the IP translated into the router's IP? Is
this even a possible outcome? (it has been a
while since I chopped my way through iptables
like this).
TIA,
rbw
--
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
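The symptom described in the post can be checked mechanically after each firewall change. The following is an added example, not part of the original post: it parses Squid native-format access.log lines and reports whether every request arrives from the router's address. The function names, sample hosts, peer addresses and workstation addresses are constructed assumptions; only 192.168.84.1 comes from the post.

```python
import ipaddress
from collections import Counter

# Constructed sample lines in Squid's native access.log layout:
# time elapsed client code/status bytes method URL ident hierarchy/peer type
# 192.168.84.1 is the router from the post; all other values are made up.
NATTED = """\
1192406978.122     80 192.168.84.1 TCP_MISS/200 3388 GET http://example.test/a.jpg - DIRECT/203.0.113.10 image/jpeg
1192407186.460      9 192.168.84.1 TCP_MEM_HIT/200 1410 GET http://example.test/b.png - NONE/- image/png
1192407190.101     35 192.168.84.1 TCP_MISS/200 512 GET http://example.test/c.css - DIRECT/203.0.113.10 text/css
""".splitlines()

# Constructed: what the log would look like if workstation addresses survived.
PRESERVED = """\
1192407300.001     41 192.168.84.23 TCP_MISS/200 3388 GET http://example.test/a.jpg - DIRECT/203.0.113.10 image/jpeg
1192407301.250      7 192.168.84.31 TCP_MEM_HIT/200 1410 GET http://example.test/b.png - NONE/- image/png
1192407302.900     12 192.168.84.23 TCP_MISS/200 512 GET http://example.test/c.css - DIRECT/203.0.113.10 text/css
""".splitlines()


def client_counts(lines):
    """Count requests per client address (third field); skip malformed lines."""
    counts = Counter()
    for line in lines:
        fields = line.split()
        if len(fields) < 7:
            continue  # truncated or non-native-format line
        try:
            counts[ipaddress.ip_address(fields[2])] += 1
        except ValueError:
            continue  # client field is not an IP address
    return counts


def source_collapsed(lines, router_ip, min_requests=3):
    """True when every logged request comes from the router's address, so
    ACLs keyed on source IP cannot tell workstations apart."""
    counts = client_counts(lines)
    total = sum(counts.values())
    if total < min_requests:
        return False  # too little traffic to judge
    return counts.get(ipaddress.ip_address(router_ip), 0) == total


if __name__ == "__main__":
    for name, sample in (("NATTED", NATTED), ("PRESERVED", PRESERVED)):
        print(name, dict(client_counts(sample)),
              "collapsed:", source_collapsed(sample, "192.168.84.1"))
```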