On Sat, 2001-09-29 at 21:20, Jon Schewe wrote: > I want to setup squid as a transparent proxy. I've found the appropriate > pages on how to do this. The question I have is this. When you setup the > redirect you tell your firewall to redirect all requests to any outside > machines port 80 to the port that squid is listening on and then squid handles > it all. Now what if squid is running on a machine on the inside of my > firewall? Won't the packets sent from squid to request the pages get caught > up in the same redirect and the packets won't get anywhere? How do I solve > this problem? I'd rather not run squid on my firewall, but I can if needed. > Talking iptables or ipchains? Using ipchains, I don't think it's possible to redirect to a non-local machine. Using iptables, you simply set up two rules; one that says traffic from the Squid host is allowed and not rejected, and the second that redirects by default. -- Nate Carlson <natecars at real-time.com> | Phone : (952)943-8700 http://www.real-time.com | Fax : (952)943-8500 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010930/81bf48f9/attachment.pgp