<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Thanks Jan,<br>
<br>
Have checked everything.<br>
Tcp outgoing address is used,<br>
http_port 3128 transparent tproxy is used<br>
echo 1 > /proc/sys/net/ipv4/ip_forward<br>
<br>
Iptables list used<br>
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 3128<br>
iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j
TPROXY --on-port 3128<br>
<br>
Iptables status shows<br>
Table: tproxy<br>
Chain PREROUTING (policy ACCEPT)<br>
num target prot opt source destination <br>
1 TPROXY tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:80 TPROXY redirect 0.0.0.0:3128<br>
<br>
Chain OUTPUT (policy ACCEPT)<br>
num target prot opt source destination <br>
<br>
Table: nat<br>
Chain PREROUTING (policy ACCEPT)<br>
num target prot opt source destination <br>
1 REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:80 redir ports 3128 <br>
<br>
I feel that the problem is the traffic may be moving in a loop in the
server.<br>
Pls. suggest.<br>
<br>
Regards<br>
Sunil<br>
<br>
Jan Engelhardt wrote:
<blockquote cite="midPine.LNX.4.61.0608081555140.7552@yvahk01.tjqt.qr"
type="cite">
<blockquote type="cite">
<pre wrap="">1. tcp_outgoing_address <ip address of the cache server>
2. http_port 3128 tproxy
</pre>
</blockquote>
<pre wrap=""><!---->
tproxy is a separate option. Provided that you actually patched squid to
include tproxy support.
</pre>
<blockquote type="cite">
<pre wrap="">3. iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j
TPROXY --on-port 80
</pre>
</blockquote>
<pre wrap=""><!---->
--on-port 3128
</pre>
<blockquote type="cite">
<pre wrap="">Tried changing the proxy port to 80 and 3128 but no luck.
</pre>
</blockquote>
<pre wrap=""><!---->
Jan Engelhardt
</pre>
</blockquote>
</body>
</html>