client source address with squid transparent proxy

12-31-2008, 01:42 PM

Running DD-WRT V24 SP1 on a Linksys WRT-160N (192.168.101.1). Using
iptables to do a transparent proxy to a squid box (192.168.101.3).
It's working, but the source address of the traffic in the squid logs
is the Linksys and not the originating client IP (hosts on the
192.168.101.0/24 network). Here's the iptables rules I'm using. Any
help appreciated. Thanks.

iptables -t nat -A PREROUTING -i br0 -s 192.168.101.0/24 -d
192.168.101.0/24 -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! 192.168.101.3 -p tcp --dport
80 -j DNAT --to 192.168.101.3:3128
iptables -t nat -A POSTROUTING -o br0 -s 192.168.101.0/24 -p tcp -d
192.168.101.3 -j SNAT --to 192.168.101.1
iptables -t filter -I FORWARD -s 192.168.101.0/24 -d 192.168.101.3 -i
br0 -o br0 -p tcp --dport 3128 -j ACCEPT

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
debian Etch transparent squid proxy error messages	Olaf Petzold	Linux Networking	9	10-11-2006 10:22 PM
How to make transparent proxy's source ip NOT unique ?	Mickey Jerry	Linux Networking	2	02-22-2006 01:22 AM
transparent proxy - iptables+ squid+2 routers	Igor	Linux Networking	3	10-13-2005 03:54 AM
FC3/Kernel 2.6, Fast Switching, Transparent Proxy, Squid, WCCP Help!!!!!	swoolley@adstelecom.com	Linux Networking	0	05-19-2005 01:03 AM
Transparent proxy with Squid and Apache problem	Tobias Skytte	Linux Networking	0	11-21-2003 08:20 AM