External transparent Squid: Redirect HTTP traffic with original client IP



  • Hi, I have a question: Is it possible to redirect HTTP traffic to an external transparent Squid box keeping the original client IP?

    I mean…
    I configured my external transparent Squid box to listen on port TCP 80, as I found in the forum that there was a bug when doing NAT to a different port other than TCP 80. Then I did the NAT.
    My client machines are being catch by the transparent external Squid, but when I check the proxy logs I noticed that the logged IP is the IP of my pfSense, as it is being NATed (translated).

    For example: Client machine IP 172.16.223.70 access www.pfsense.org and my pfSense IP 172.16.0.254 does the NAT. The logged IP for the access is the pfSense IP.

    With this setting, I can't know what each machine is accessing.

    So that is my doubt: Is it possible to redirect HTTP traffic to an external transparent Squid box keeping the original client IP?


Log in to reply