Moin, I setup a perfect running squid as a transparent proxy for http access. According to http://en.tldp.org/HOWTO/TransparentProxy.html, the gateway redirects all communication at port 80 to the host running squid:
iptables -t nat -A PREROUTING -i eth0 -s ! 192.168.2.53 -p tcp --dport 80 -j DNAT --to 192.168.2.53:3128 iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.0/255.255.255.0 -d 192.168.2.53 -j SNAT --to 192.168.2.1 iptables -A FORWARD -s 192.168.2.0/255.255.255.0 -d 192.168.2.53 -i eth0 -o eth0 -p tcp --dport 3128 -j ACCEPT Additional, squid is configured with httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on Now I thougt it's time to test a https setup. Therefore, I added one more rule to the firewall: iptables -t nat -A PREROUTING -i eth0 -s ! 192.168.2.53 -p tcp --dport 443 -j DNAT --to 192.168.2.53:3128 Even the https proxy works if the squid host is configured in the browser, it fails as soon it should work as a transparent proxy. I guess an additional configuration is required to tell squid to work as a transparent https proxy ... but how? Thanks -- |Michael Renner E-mail: [EMAIL PROTECTED] | |D-72072 Tuebingen Germany ICQ: #112280325 | |Germany Don't drink as root! ESC:wq
