also sprach Raúl Alexis Betancort Santana <rabs@xxxxxxxxxxxxxxxxxxxxx>
[2005.03.24.0948 +0100]:
> Are you trying to do transparent proxy on a router/gateway with
> dynamic ip on the public interface?, it's also you client's ip
> dynamic?
"local packets" means: packets generated on the machine running
squid itself. no "clients" involved.
Maybe this is clear:
(nat table)
-A OUTPUT -o world -p tcp --dport 80 -j redirect-local-squid
-A redirect-local-squid -m owner --gid-owner 13 -j ACCEPT
-A redirect-local-squid -p tcp -j REDIRECT --to-port 3128
This works. Problem is that the packets arriving at 3128 have the
dynamic external IP as source, when they should have 127.0.0.1.
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft <madduck@xxxxxxxxxx>
: :' : proud Debian developer, admin, user, and author
`. `'`
`- Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
the early bird may get the worm,
but the second mouse gets the cheese in the trap.
signature.asc
Description: Digital signature
|
