|
I am sure people have asked this question many times. After going through
all the Howto pages and searching in google I am still not able to do
Transparent-Proxy using squid
This is what my setup looks like.
<Cisco Router>
|202.79.63.230
|
|
eth0: 202.79.63.240
<LVS Server>
eth1: 192.168.10.1
|
|
|
eth0:192.168.10.10
<Real Server>
The cisco router is the gatway for the LVS server and few more work
stations. It redirects the dst-port=80 traffic coming from workstation to
the LVS server (with ip policy route-map proxy-redirect). I can see the
redirected traffic coming to eth0 of the LVS server. But i am still not sure
how the LVS system intercepts those packets because the packets have dst-IP
other than that of the LVS server.
If i telnet to 202.79.63.240 80 from workstation I can access the proxy.
That means LVS is accepting and forwarding the packet to Real Server when
the dst-ip is 202.79.63.240.
I have put following rules
>>>>>>>>
#ipvsadm -A -t 202.79.63.240:80
#ipvsadm -a -t 202.79.63.240:80 -r 192.168.10.10:80 -m
I even tried with
ipvsadm -A -t 0.0.0.0:80
ipvsadm -a -t 0.0.0.0:80 -r 192.168.10.10:80 -m
:(
>>>>>>>>>
cat /proc/sys/net/ipv4/ip_forward
1
>>>>>>>>>>>
# iptables -nL -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 192.168.10.0/24 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
best regards,
Bikrant
|
