DansGuardian/Squid Traffic doesn't get back to user
- by DKNUCKLES
I've purchased a Squid appliance that I'm attempting to implement, however the lack of documentation has left me a bit high and dry. Forgive me if this is a silly question, but this is my first attempt at implementing Squid.
From what I can ascertain from the documentation (or lack thereof), the users connect to DansGuardian first at port 8080 where the filtering is done, at which point it forwards it to the Squid appliance at port 3128. The traffic is then sent to the internet.
The setup I have is as follows
Gateway (MikroTik router) : 192.168.88.1
Squid/DansGuardian :192.168.88.100
Client : 192.168.88.238
Client --- Gateway --- Proxy --- Internet
I have set up a simple NAT rule to forward all traffic from the client machine (for testing purposes) to go to the DansGuardian. The traffic seems to get there, although I see a lot of SYN_RECV w/ a netstat -antp command on the virtual appliance machine. From this I gather that the traffic is NOT being routed back to the client machine.
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN -
tcp 0 0 192.168.88.100:8080 192.168.88.238:55786 SYN_RECV -
tcp 0 0 192.168.88.100:8080 192.168.88.238:55787 SYN_RECV -
tcp 0 0 192.168.88.100:8080 192.168.88.238:55785 SYN_RECV -
tcp 0 0 192.168.88.100:8080 192.168.88.238:55788 SYN_RECV -
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
Is this a routing issue or an issue with the Squid Appliance?