Hi group, I thought I could run squid (3.1.20) on one box, and iptables with DNAT on another box with
iptables -t nat -A PREROUTING -p tcp --dport 80 -i $LOCIF ! -s $squidbox ! -d $localnet -j DNAT --to-destination $squidbox:3128 squid.conf snip: http_port 192.x.x.x:3128 intercept But on the squidbox /var/var/log/squid3/cache.log says: IpIntercept.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed on FD 45: (92) Protocol not available Some manuals on the internet suggest that this setup should be possible [1], while others claim squid must run on the same box performing NAT [2]. Can anybody help me out with this? Cheers, Simon [1] http://tldp.org/HOWTO/TransparentProxy-6.html [2] http://squid-web-proxy-cache.1019090.n4.nabble.com/external-NAT-and-quot-Protocol-not-available-quot-td3173494.html -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/k37ctf$s3o$1...@news.albasani.net