Nate Carlson <natecars at real-time.com> writes:

> On Sat, 2001-09-29 at 21:20, Jon Schewe wrote:
> > I want to set up squid as a transparent proxy.  I've found the appropriate
> > pages on how to do this.  The question I have is this.  When you set up the
> > redirect you tell your firewall to redirect all requests to any outside
> > machines port 80 to the port that squid is listening on and then squid handles
> > it all.  Now what if squid is running on a machine on the inside of my
> > firewall?  Won't the packets sent from squid to request the pages get caught
> > up in the same redirect and the packets won't get anywhere?  How do I solve
> > this problem?  I'd rather not run squid on my firewall, but I can if needed.
> > 
> 
> Talking iptables or ipchains?
> 
> Using ipchains, I don't think it's possible to redirect to a non-local
> machine.
> 
> Using iptables, you simply set up two rules; one that says traffic from
> the Squid host is allowed and not rejected, and the second that
> redirects by default.

Using ipf, OpenBSD.

-- 
Jon Schewe | http://mtu.net/~jpschewe | jpschewe at mtu.net
For I am convinced that neither death nor life, neither angels 
nor demons, neither the present nor the future, nor any 
powers, neither height nor depth, nor anything else in all 
creation, will be able to separate us from the love of God that 
is in Christ Jesus our Lord. - Romans 8:38-39
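
The iptables approach described in the quoted reply (exempt the Squid host first, then redirect by default), written out as an added example that is not part of the original thread. The interface name, addresses and port are constructed sample values, and the hairpin SNAT rule and the Squid-on-the-firewall case go beyond what the reply spells out.

```shell
#!/bin/sh
# Constructed sample values (assumptions, not taken from the thread).
LAN_IF=eth1              # firewall interface facing the internal network
LAN_NET=192.168.1.0/24   # internal network
FW_IP=192.168.1.1        # firewall's own address on LAN_IF
SQUID_IP=192.168.1.10    # host running Squid
SQUID_PORT=3128          # port Squid listens on

# squid_nat_rules IF NET FW_IP SQUID_IP SQUID_PORT
# Prints the iptables commands in the order they must be loaded.
squid_nat_rules() {
    lan_if=$1; lan_net=$2; fw_ip=$3; squid_ip=$4; squid_port=$5
    if [ "$squid_ip" = "$fw_ip" ]; then
        # Squid on the firewall itself: its own requests are locally
        # generated and never traverse PREROUTING, so no exemption is needed.
        echo "iptables -t nat -A PREROUTING -i $lan_if -p tcp --dport 80 -j REDIRECT --to-ports $squid_port"
        return 0
    fi
    # 1. Exemption first: Squid's own outbound fetches also arrive on the
    #    LAN interface with destination port 80. ACCEPT ends nat processing
    #    for them, so they are not sent back to Squid in a loop.
    echo "iptables -t nat -A PREROUTING -i $lan_if -s $squid_ip -p tcp --dport 80 -j ACCEPT"
    # 2. Default: everything else bound for port 80 goes to Squid.
    echo "iptables -t nat -A PREROUTING -i $lan_if -p tcp --dport 80 -j DNAT --to-destination $squid_ip:$squid_port"
    # 3. Client and Squid share a subnet, so rewrite the source to the
    #    firewall; otherwise Squid answers the client directly and the
    #    client drops the reply because it does not match its connection.
    echo "iptables -t nat -A POSTROUTING -o $lan_if -s $lan_net -d $squid_ip -p tcp --dport $squid_port -j SNAT --to-source $fw_ip"
}

# Prints the rules for review by default; APPLY=1 loads them (needs root).
if [ "${APPLY:-0}" = 1 ]; then
    squid_nat_rules "$LAN_IF" "$LAN_NET" "$FW_IP" "$SQUID_IP" "$SQUID_PORT" | sh
else
    squid_nat_rules "$LAN_IF" "$LAN_NET" "$FW_IP" "$SQUID_IP" "$SQUID_PORT"
fi
```

With rule 3 in place, Squid's access log records the firewall's address as the client for every request, so per-client attribution has to come from the firewall's own logs.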