transparent proxy with squid and iptables won't log IPs from lan
I just finished setting up a proxy machine that runs in a separate box from the gw.
The addresses I use in the firewall are
squid box = 10.5.5.121
gw = 10.5.5.1
lan = 10.5.5.0/24
I have the following iptables rules
on squid box
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A PREROUTING -i eth1 -s ! 10.5.5.121 -p tcp --dport 80 -j DNAT --to 10.5.5.121:3128
iptables -t nat -A POSTROUTING -o eth1 -s 10.5.5.0/24 -d 10.5.5.121 -j SNAT --to 10.5.5.1
iptables -A FORWARD -s 10.5.5.0/24 -d 10.5.5.121 -i eth1 -o eth1 -p tcp --dport 3128 -j ACCEPT
Everything appears to function right, except for the fact that all the entries in the squid log appear as if they're coming from the gw IP 10.5.5.1, no matter what machine they were initiated from.
Here's an example:
1282549242.411 74219 10.5.5.1 TCP_MISS/200 285 GET some_http_address - DIRECT/188.8.131.52 text/html
My question is: how can I modify the iptables rules so they will forward the real IPs where the requests originated from?
Thanks in advance.
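Added example, not part of the original post: a check over Squid's native access.log format that reports when every request is attributed to the gateway. That is the symptom here, because the SNAT rule above rewrites each LAN source to 10.5.5.1 before the packet reaches Squid. The `LAN` and `GATEWAY` values and the first sample line come from the post; all other log lines, URLs and function names are constructed for illustration.

```python
import ipaddress
from collections import Counter

LAN = ipaddress.ip_network("10.5.5.0/24")    # lan, from the post
GATEWAY = ipaddress.ip_address("10.5.5.1")   # gw, from the post

def parse_line(line):
    """Parse one Squid native-format access.log line; None if malformed."""
    f = line.split()
    if len(f) < 10:
        return None
    try:
        result, _, status = f[3].partition("/")
        return {"time": float(f[0]), "elapsed_ms": int(f[1]),
                "client": ipaddress.ip_address(f[2]),
                "result": result, "status": int(status),
                "bytes": int(f[4]), "method": f[5], "url": f[6]}
    except ValueError:
        return None

def attribution_report(lines):
    """Summarise which client addresses Squid recorded for a set of log lines."""
    clients, skipped = Counter(), 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            skipped += 1
        else:
            clients[rec["client"]] += 1
    total = sum(clients.values())
    via_gw = clients[GATEWAY]
    lan_hosts = [c for c in clients if c in LAN and c != GATEWAY]
    return {"total": total, "skipped": skipped, "via_gateway": via_gw,
            "distinct_lan_clients": len(lan_hosts),
            # every request attributed to the gateway: real sources are lost
            "masked": total > 0 and via_gw == total}

# First line is the one from the post; the rest are constructed samples.
MASKED = [
    "1282549242.411 74219 10.5.5.1 TCP_MISS/200 285 GET some_http_address - DIRECT/188.8.131.52 text/html",
    "1282549243.020 120 10.5.5.1 TCP_MISS/200 1432 GET http://example.test/a - DIRECT/192.0.2.10 text/html",
    "1282549244.731 95 10.5.5.1 TCP_HIT/200 812 GET http://example.test/b - NONE/- image/png",
    "truncated line",
]
# Constructed: what the log looks like once client addresses survive.
PRESERVED = [
    "1282549250.100 110 10.5.5.23 TCP_MISS/200 1432 GET http://example.test/a - DIRECT/192.0.2.10 text/html",
    "1282549251.200 98 10.5.5.47 TCP_MISS/200 640 GET http://example.test/c - DIRECT/192.0.2.10 text/html",
]

if __name__ == "__main__":
    print(attribution_report(MASKED))
    print(attribution_report(PRESERVED))
```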