[squid-users] Transparent Proxy / iptables redirection / Preserve real client IP
Greetings,

I am trying to determine if there is any way possible I can preserve the real client IPs so they can be available to me in the log file. Here is my scenario. Firewall running Linux, redirects to an internal FreeBSD machine that is running squid.

iptables -t nat -A PREROUTING -i ethx -s ! squid-box -p tcp --dport 80 -j DNAT --to squid-box:3128
iptables -t nat -A POSTROUTING -o ethx -s local-network -d squid-box -j SNAT --to iptables-box
iptables -A FORWARD -s local-network -d squid-box -i ethx -o ethx -p tcp --dport 3128 -j ACCEPT

The above rules are working fine, except for the fact the logs indicate the IP address of my internal firewall NIC. Is there any hope of preserving the real client IP via an iptables rule? Any help would be appreciated. Thank you.
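
Added example, not part of the original post: a small Python model of the two nat rules quoted above, showing which source address Squid logs and whether the reply still matches the client's connection, with and without the SNAT rule. All addresses are constructed stand-ins for the post's placeholders, and the model assumes the clients and squid-box share the segment behind ethx (as the `-i ethx -o ethx` FORWARD rule suggests).

```python
# Constructed addresses standing in for the post's placeholders.
CLIENT = "192.168.1.50"    # a host in local-network
SQUID = "192.168.1.2"      # squid-box
FIREWALL = "192.168.1.1"   # iptables-box, internal NIC
WEB = "203.0.113.10"       # the web server the client asked for


def forward(pkt, snat):
    """Translate a client packet (src, sport, dst, dport) the way the nat rules do."""
    src, sport, dst, dport = pkt
    if src != SQUID and dport == 80:   # PREROUTING: -s ! squid-box --dport 80 -j DNAT
        dst, dport = SQUID, 3128
    if snat and dst == SQUID:          # POSTROUTING: -d squid-box -j SNAT --to iptables-box
        src = FIREWALL
    return (src, sport, dst, dport)


def reply_at_client(pkt, seen):
    """Return the reply packet as it arrives at the client."""
    src, sport, dst, dport = seen
    reply = (dst, dport, src, sport)   # Squid answers whatever source it saw
    if src == FIREWALL:
        # The reply returns through the firewall, where connection tracking
        # undoes both translations before delivering it to the client.
        return (pkt[2], pkt[3], pkt[0], pkt[1])
    # Same segment: the reply goes straight to the client, still carrying
    # squid-box:3128 as its source, so no translation is undone.
    return reply


def trace(snat):
    """Model one client request; report what Squid logs and what the client sees."""
    pkt = (CLIENT, 40000, WEB, 80)
    seen = forward(pkt, snat)
    reply = reply_at_client(pkt, seen)
    expected = (WEB, 80, CLIENT, 40000)  # the only reply the client's socket accepts
    return {"logged_ip": seen[0], "client_accepts": reply == expected}


if __name__ == "__main__":
    for snat in (True, False):
        print("SNAT" if snat else "no SNAT", trace(snat))
```

In this model the SNAT rule is what makes the firewall's internal address appear in the log, and dropping it alone leaves the client with a reply it cannot match to its connection.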