Here is my problem. All port 80 traffic is being intercepted by the iptables configuration and redirecting to squid.
Some of my users have static IP addresses and host their own webservers. When the Squid box is up and running none of their sites are accessible. If I shut down the squid box everything begins to work again .. so it looks like it's my iptables causing the issues I tried creating a rule to bypass interception for my local subnets but it does not seems to work. Can someone please have a look and let me know what might be wrong? Here are the rules. /usr/local/sbin/iptables -t mangle -N DIVERT /usr/local/sbin/iptables -t mangle -A DIVERT -j MARK --set-mark 1 /usr/local/sbin/iptables -t mangle -A DIVERT -j ACCEPT # Local Subnets /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp -i eth1 --dport 80 -d 66.78.96.0/255.255.255.0 -j ACCEPT /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp -i eth1 --dport 80 -d 66.78.97.0/255.255.255.0 -j ACCEPT /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp -i eth1 --dport 80 -d 66.78.98.0/255.255.255.0 -j ACCEPT /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp -i eth1 --dport 80 -d 66.78.99.0/255.255.255.0 -j ACCEPT /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp -i eth1 --dport 80 -d 66.78.100.0/255.255.255.0 -j ACCEPT /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp -i eth1 --dport 80 -d 66.78.101.0/255.255.255.0 -j ACCEPT /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129 --on-ip 66.78.102.2 ip rule add fwmark 1 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100
