hello members,
Recently i configured squid proxy on ubuntu to catch youtube and http websites . Ever thing is running fine can get 96mbps downloading speed to customer once the file is cached in ubuntu server. but one issue is there with some users they c’t access sites d’t open properly.
i had created mangle rule to redirect the traffic to squid server.
what i want is some specified lan ip should access internet directly not through squid server
need firewall rule for this
if your proxy setup is a “traspararent one” .. in your firewall rules you probably have (somewhere.. search for it) a rule for ‘redirect’ http traffic to ubuntu server. Just before this rule you can put some exclusions for those clients you want to allow direct conn.
if you have “non trasparent” setup you have to bypass proxy on client config ..or.. tweak in some way your ubuntu proxy to exclude/bypass for those specific clients.
i need the rule to allow direct connection to specified ip . proxy is trasprant
put a ‘accept’ rule before the ‘redirect’ filtering for dest-tcp-port80 and src ip address (or a address-list) of the bypassed client
thanks for the great help but what about the chain forward? or other option
yes, forward ..exactly where you already have the ‘redirect’ rule to proxy