why dont you use the interception\transparent mode instead of TPROXY?
for your setup it seems just the perfect idea.
i'm using a range setup like this:
-A PREROUTING -p tcp -m tcp -m iprange ! -d 192.168.0.0/16 -i eth1
--dport 80 -j REDIRECT --to-ports 3128 --src-range
192.168.0.0-192.168.0.190
with
http_port 192.168.0.1:3128 intercept
and it works like a charm.
Regards
Eliezer
On 13/12/2011 14:53, Saleh Madi wrote:
Thanks Marcello for your reply, we have linux pppoe server work for 1000
clients , how I can use the WPAD (web proxy autodiscovery protocol) for
them.
Thanks and Best Regards,
Saleh
Il 13/12/2011 13:14, Saleh Madi ha scritto:
Thanks Henrik for your reply, but when you have 1000 clients , its
difficult to lit all clients to configure there browser with proxy, I
think the redirect rule via policy based routing or other redirect
method
is easy than the configuration of the client bowser , have you any idea
what the best to do for the 1000 clients.
Thanks and Best Regards,
Saleh
My 2 (euro) cents, FWIW:
- WPAD (web proxy autodiscovery protocol)
- if you're using active directory, take advantage of group policy (GPO)
Google Is You Friend (TM)
:-)
--
Marcello Romani
