Ok
1. Have you fixed DNS so that clients are now resolving the correct addresses for destination servers? No , the issues will not be solved and will always dns resolve the ip of websites to the ip address of squid ( http & https requestst with the wrong ds tip will hit squid) Again , I want to solve this issue form squid 2. Are you performing NAT *only* on the machine where Squid is running? Yes I have redirect rules that redirect the http & https to the port that squid listen . So I have : http_port 3128 http_port 10.159.144.206:11611 intercept iptables : ptables –t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.159.144.206:11611 ptables –t nat -A PREROUTING -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.159.144.206:11611 Do you know where that IP address comes from? Is your DNS still broken, is this the IP address of the Squid server, does it mean anythign at all in your network? Some ips are locally and some ips are outside , so we have port forwarding well For now , skip the outside users and focous in the inside users The dns is separated server differ than squid , but both on same network The DNS is not broken , it will resolve some websites to ip address of squid and other websites will rslve to other ip , so again I don’t want to touch the DNS and I want to work on the current state > So how to let squid bypass checking it ? It's not a matter of bypassing Squid checking it - it's a matter of making it correct so that the checks do not fail. Im open to let squid do it and let wrong dstp ips forwarded well on squid . > Is my way above wrong ? I think so, but please answer the questions above so we can be more sure. > U say we need proxy mode ?? > > How should I implement proxy mode since user will not put ip:port in > his browser Use DHCP options and/or WPAD. Assume ips are static ips on clients Thanks again and im awaiting ur suggestions cheers _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
