I have configured squid to work as NAT using
apt-get install squid
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
Have added to /etc/squid/squid.conf
acl internal_network src 192.168.0.0/24
http_access allow internal_network
access_log /var/log/squid/access.log squid
Problem: /var/log/squid/access.log is empty when I use proxy from remote computers.
When I make telnet localhost 3128
then it does write to log:
1308144959.810 0 127.0.0.1 TCP_DENIED/400 1693 NONE NONE:// - NONE/- text/html
So the problem is that logging is somehow turned off for remote proxy use.
Permissions:
- /var/log/squid/ – 0777
- /var/log/squid/* – 0666
cat /var/log/squid/cache.log | grep access
gives
logfileOpen: opening log /var/log/squid/access.log
without any errors.
Best Answer
My network interface was br0, not eth0 or eth1
iptables -t nat -A PREROUTING -i br0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1:3128
fixed the problem.