I've purchased a Squid appliance that I'm attempting to implement, however the lack of documentation has left me a bit high and dry. Forgive me if this is a silly question, but this is my first attempt at implementing Squid.

From what I can ascertain from the documentation (or lack thereof), the users connect to DansGuardian first at port 8080 where the filtering is done, at which point it forwards it to the Squid appliance at port 3128. The traffic is then sent to the internet.

The setup I have is as follows

• Gateway (MikroTik router) : 192.168.88.1
• Squid/DansGuardian :192.168.88.100
• Client : 192.168.88.238

Client ---> Gateway ---> Proxy ---> Internet

I have set up a simple NAT rule to forward all traffic from the client machine (for testing purposes) to go to the DansGuardian. The traffic seems to get there, although I see a lot of SYN_RECV w/ a netstat -antp command on the virtual appliance machine. From this I gather that the traffic is NOT being routed back to the client machine.

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      -
tcp        0      0 192.168.88.100:8080     192.168.88.238:55786    SYN_RECV    -
tcp        0      0 192.168.88.100:8080     192.168.88.238:55787    SYN_RECV    -
tcp        0      0 192.168.88.100:8080     192.168.88.238:55785    SYN_RECV    -
tcp        0      0 192.168.88.100:8080     192.168.88.238:55788    SYN_RECV    -
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -

Is this a routing issue or an issue with the Squid Appliance?