Jan,

Am running the cache server with only one eth interface having a Public IP address i.e. eth0.
There is no bridge interface.

So, if my interface ip address is 192.168.1.1 should the tcp_outgoing _address be 192.168.1.1.
Since all the configuration looks ok now and iptables is accepting the command

iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j TPROXY --on-port 80
could the outgoing address be the only issue?
Will check and confirm if it works with that.

Regards
Sunil

Jan Engelhardt wrote:

Thanks Jan.
I was able to apply the iptables command after that.

Am trying to use tproxy with squid. But it seems that whenever I try to
run both tproxy and squid together, the traffic from my router is not


When using squid, you must set the "tcp_outgoing_address" to some ip 
address. I can't really tell which one works or which ones don't, fact is
- with the bridge address, it works
- with the address en route upstream, it should work
- with 127.0.0.1, it should not work (I guess)
- any other I have not tried

En route upstream means:

eth0 134.76.13.21/24
eth1 192.168.222.1/24
default gw 134.76.13.254

Then the en-route upstream address is the one on eth0. It might work with 
192.168.222.1 too, you gotta try.

being forwarded to the cache server.
But after rebooting the system and not applying tproxy everything works
well.



Jan Engelhardt