I have installed SQUID on a SLES 12 server.
The server (192.168.99.80) is in a DMZ.
If in Firefox I change the following settings ...
proxy server: 192.168.99.80
... all is working correctly.
The problem is that I do not want to manually change the configuration of all the browsers in the LAN and therefore I use iptables to forward the HTTP requests to the proxy server (192.168.99.80).
As described in "http://www.tldp.org/HOWTO/TransparentProxy-6.html" I have done some changes in my firewall.
As a first step I want to enable the proxy server only for my PC (184.108.40.206).
Here are the changes I have made in the firewall:
iptables -t nat -A PREROUTING -i eth0 -s 220.127.116.11 -p tcp --dport 80 -j DNAT --to 192.168.99.80:3128
iptables -t nat -A POSTROUTING -o eth0 -s 18.104.22.168 -d 192.168.99.80 -j SNAT --to 192.168.99.1
eth0 is the interface to LAN
22.214.171.124 is my PC (connected on the LAN)
192.168.99.1 is the "DMZ interface" on the Firewall
After this change I cannot connect to the Internet from my PC and in /var/log/squid/access.log I see the following lines:
1416934683.591 0 126.96.36.199 NONE/400 3440 GET / - HIER_NONE/- text/html
1416934683.823 0 188.8.131.52 NONE/400 3468 GET /Artwork/SN.png - HIER_NONE/- text/html
In squid.conf I have tried to change the following line:
old -> http_port 3128
new -> http_port 3128 intercept
but after this change nothing appears in /var/log/squid/access.log
In other words:
if I configure my browser to use the proxy server all is working correctly
but I have problems with iptables to forward the HTTP requests to the proxy server
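
An added example, not part of the original post: a small parser for Squid's native access.log format that separates path-only (origin-form) requests, the form a browser sends when it is not configured to use a proxy, from absolute-URL requests. The first two sample lines are the ones quoted above; the third line and all function names are constructed for illustration.

```python
import re

# Squid native access.log fields:
# time elapsed client code/status bytes method URL user hierarchy/peer type
LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<code>[A-Z_]+)/(?P<status>\d{3})\s+(?P<bytes>\d+)\s+"
    r"(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<user>\S+)\s+"
    r"(?P<hier>[A-Z_]+)/(?P<peer>\S+)\s+(?P<ctype>\S+)\s*$"
)

# Lines 1-2 are from the post; line 3 is constructed (a normally proxied request).
SAMPLE = [
    "1416934683.591 0 126.96.36.199 NONE/400 3440 GET / - HIER_NONE/- text/html",
    "1416934683.823 0 188.8.131.52 NONE/400 3468 GET /Artwork/SN.png - HIER_NONE/- text/html",
    "1416934700.100 120 192.0.2.10 TCP_MISS/200 5120 GET http://example.com/ - HIER_DIRECT/198.51.100.7 text/html",
]

def classify(line):
    """Label one access.log line by the form of its request URL."""
    m = LINE_RE.match(line)
    if m is None:
        return "unparsed"
    if m["method"] == "CONNECT":
        return "connect"
    if m["url"].startswith("/"):
        # Path-only URL: the client addressed an origin server, not a proxy.
        if m["code"] == "NONE" and m["status"] == "400":
            return "origin-form-rejected"
        return "origin-form"
    if "://" in m["url"]:
        return "absolute-form"  # what an explicitly configured browser sends
    return "other"

def summarize(lines):
    """Count lines per label."""
    counts = {}
    for line in lines:
        label = classify(line)
        counts[label] = counts.get(label, 0) + 1
    return counts

def rejected_clients(lines):
    """Client addresses whose path-only requests were refused with NONE/400."""
    return sorted({LINE_RE.match(l)["client"] for l in lines
                   if classify(l) == "origin-form-rejected"})

if __name__ == "__main__":
    print(summarize(SAMPLE))
    print(rejected_clients(SAMPLE))
```
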