yOn Tue, 2 Mar 2004, sebelk wrote:

> Hi,
> I'm testing squid as transparent proxy in a standalone pc (only has a ethernet
> card connected by cablemodem to internet). Namely, this computer has two
> interfaces eth0 and lo.


You can't transparently proxy traffic from the proxy server itself, at
least not without extreme care.

> iptables -t nat -A OUTPUT -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128


This requires support for local NAT to be enabled in your kernel. Normally
not enabled.

Please note that it is absulutely required that you also add rules
allowing Squid to access the Internet, if not the above rule will cause a
loop where Squid gets redirected back on itself.

Regards
Henrik