Since I can no longer run the squid proxy on the RT-AC87 like I did with my RT-N66U via entware I have been trying to configure iptables to forward port 80 requests from the AC87 to the squid running on the N66U. So far I haven't been able to make this work. I have been all over the squid site and other sites that have sample IP table entries and I guess my skill with iptables only applies to really simple things.
Here is what I have configured so far:
Internet gateway (AC87) - 192.168.10.252
squid box (N66U) - 192.168.10.253:3128
network - 192.168.10.0/24
Below are the tables I put together from research:
iptables -t nat -A PREROUTING -i br0 -s 192.168.10.253 -p tcp --dport 80 -j DNAT --to 192.168.10.253:3128
iptables -t nat -A POSTROUTING -o br0 -s 192.168.10.0/24 -d 192.168.10.253 -j SNAT --to 192.168.10.252
iptables -A FORWARD -s 192.168.10.0/24 -d 192.168.10.63 -i br0 -o br0 -p tcp --dport 3128 -j ACCEPT
Has anyone else tried to do an on lan invisible proxy?
Thanks.
Here is what I have configured so far:
Internet gateway (AC87) - 192.168.10.252
squid box (N66U) - 192.168.10.253:3128
network - 192.168.10.0/24
Below are the tables I put together from research:
iptables -t nat -A PREROUTING -i br0 -s 192.168.10.253 -p tcp --dport 80 -j DNAT --to 192.168.10.253:3128
iptables -t nat -A POSTROUTING -o br0 -s 192.168.10.0/24 -d 192.168.10.253 -j SNAT --to 192.168.10.252
iptables -A FORWARD -s 192.168.10.0/24 -d 192.168.10.63 -i br0 -o br0 -p tcp --dport 3128 -j ACCEPT
Has anyone else tried to do an on lan invisible proxy?
Thanks.
