Re: [squid-users] remote transparent proxy works, but all access.log entries show same IP

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 3 Dec 2008 15:32:07 +1300 (NZDT)

> I'm running:
>
> Squid Cache: Version 3.0.STABLE9
> configure options:
>
> and am using transparent proxying on a squid box that's behind my iptables
> firewall. Everything works ok, however the access.log shows all requests
> are coming from the firewall's IP instead of from my LAN's workstation
> IPs.
>
> I used iptables rules similar to what I found on
> http://tldp.org/HOWTO/TransparentProxy-6.html
>
> If I set the proxy manually on a browser, then the access log entries
> appear as desired. I could manually set the proxy on all workstations, but
> I'd rather have it work automatically if possible. Does anyone know if
> what I want is possible? Thanks!

The single-IP logging is due to the fact that Squid does not have access
to a separate box's NAT table.

You need the squid box itself to be doing the NAT. Transparency is best
done by directing packets through the squid box using WCCP tunneling,
Policy Routing, or running Squid on the gateway/firewall box.

As described at http://wiki.squid-cache.org/ConfigExamples/Intercept

Amos
Received on Wed Dec 03 2008 - 02:32:11 MST
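
Added example, not part of the original message or of Squid: a check over Squid's native access.log format that flags the symptom discussed in this thread, where one address (the NATing firewall) accounts for nearly every request and per-workstation attribution is lost. The sample lines, addresses, function names and thresholds are constructed assumptions.

```python
from collections import Counter

# Constructed sample lines in Squid's native access.log format:
# time elapsed client action/code bytes method URL ident hierarchy/peer type
_LINE = ("1228271527.{:03d} 85 {} TCP_MISS/200 4512 GET "
         "http://example.com/{} - DIRECT/198.51.100.10 text/html")


def _sample(clients):
    """Build a constructed log with one request per listed client."""
    return "\n".join(_LINE.format(i, c, i) for i, c in enumerate(clients))


# Every request appears to come from the firewall (NAT done upstream of Squid).
NATTED_LOG = _sample(["192.0.2.1"] * 6)
# Squid sees the real workstation addresses.
DIRECT_LOG = _sample(["10.0.0.11", "10.0.0.12", "10.0.0.13"] * 2)


def client_counts(log_text):
    """Count requests per client address (third field of the native format)."""
    counts = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 10 or "/" not in fields[3]:
            continue  # skip blank, truncated or non-native lines
        counts[fields[2]] += 1
    return counts


def attribution_lost(log_text, min_requests=5, threshold=0.95):
    """Return the address that hides the real clients, or None.

    An address is reported when it accounts for at least `threshold` of all
    requests. A LAN with a single active workstation looks the same, so
    compare the result with the firewall's known address before acting.
    """
    counts = client_counts(log_text)
    total = sum(counts.values())
    if total < min_requests:
        return None  # too little traffic to judge
    addr, hits = counts.most_common(1)[0]
    return addr if hits / total >= threshold else None


if __name__ == "__main__":
    print("NATted log  :", attribution_lost(NATTED_LOG))
    print("direct log  :", attribution_lost(DIRECT_LOG))
```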
