senthil wrote:
HI

I have installed Tproxy 4 .

I have done all the prerequisites like compiling kernel and installing
iptables 1.4 etc

When i create Bridge i cant able to browse in private ip

My network :

Internet ---> (eth1)squid machine(eth0)------>test client

eth1 -public ip

eth0 and test client ip ---->private in 172 series

But i able to browse in public ip and access is seen in log of squid


So if I understand you correctly, ... when you attempt to use a private non-Internet IP address on the public Internet it fails?

Things to know:
* bridging is based around preserving the IP address unchanged across the machine.

 * TPROXY is based around preserving the IP address across the machine.


172 series IP addresses require NAT to contact the Internet.

* NAT is based around destroying the IP address. But maintaining information such that any response can be copied back to the right client.


Since you have 172.* addresses coming in one side and being NAT'd I advise dropping the bridge and tproxy usage. There is no point in going to extreme lengths to preserve the IP address at such low level only to destroy it as soon as it exits Squid.

The NAT interception setup for Squid should be sufficient.

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE7 or 3.0.STABLE23
  Current Beta Squid 3.1.0.16

Reply via email to