при добавлении правил на роутере
iptables -t nat -I PREROUTING -i eth0 -s 109.0.0.8 -p tcp --dport 80 -j DNAT --to 109.0.0.110:3128
iptables -t nat -I PREROUTING -i eth0 -s 109.0.0.8 -p tcp --dport 443 -j DNAT --to 109.0.0.110:3129
iptables -t nat -I POSTROUTING -o eth0 -s 109.0.0.8 -d 109.0.0.110 -j SNAT --to 109.0.0.1
правила на прокси сервере
*nat
:PREROUTING ACCEPT [314:20555]
:INPUT ACCEPT [313:20511]
:OUTPUT ACCEPT [844:60999]
:POSTROUTING ACCEPT [2:130]
-A PREROUTING -s 109.0.0.0/24 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3129
-A PREROUTING -s 109.0.0.0/24 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -s 192.168.10.0/24 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3129
-A PREROUTING -s 192.168.10.0/24 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -s 192.168.1.0/24 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3129
-A PREROUTING -s 192.168.1.0/24 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A POSTROUTING -s 109.0.0.0/24 -j SNAT --to-source 109.0.0.110
-A POSTROUTING -s 192.168.10.0/24 -j SNAT --to-source 109.0.0.110
-A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source 109.0.0.110
COMMIT
*filter
:INPUT ACCEPT [340:18626]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1809:273786]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 109.0.0.0/24 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -j ACCEPT
-A INPUT -s 192.168.10.0/24 -j ACCEPT
-A INPUT -j LOG
-A INPUT -p tcp -m multiport --dports 3128:3130 -j DROP
-A FORWARD -s 109.0.0.0/24 -p udp -m multiport --dports 80,443 -j DROP
COMMIT
при открытии на винде какого-нибудь сайта по http, в cache.log
kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1^M
Upgrade-Insecure-Requests: 1^M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36^M
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8^M
Accept-Encoding: gzip, deflate^M
Accept-Language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7^M
Via: 1.1 proxy.server (squid/3.5.27)^M
X-Forwarded-For: 109.0.0.1^M
Cache-Control: max-age=259200^M
Connection: keep-alive^M
Host: myip.ru^M
^Mkid1| WARNING: Forwarding loop detected for:
GET /favicon.ico HTTP/1.1^M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36^M
Accept: image/webp,image/apng,image/*,*/*;q=0.8^M
Referer: http://myip.ru/^M
Accept-Encoding: gzip, deflate^M
Accept-Language: ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7^M
Via: 1.1 proxy.server (squid/3.5.27)^M
X-Forwarded-For: 109.0.0.1^M
Cache-Control: max-age=259200^M
Connection: keep-alive^M
Host: myip.ru^M
в access.log
1546711344.892 0 109.0.0.110 TCP_MISS/403 4514 GET http://myip.ru/ - HIER_NONE/- text/html
1546711344.893 0 109.0.0.1 TCP_MISS/403 4634 GET http://myip.ru/ - ORIGINAL_DST/109.0.0.110 text/html
1546711344.913 0 109.0.0.110 TCP_MISS/403 4479 GET http://myip.ru/favicon.ico - HIER_NONE/- text/html
1546711344.913 0 109.0.0.1 TCP_MISS/403 4599 GET http://myip.ru/favicon.ico - ORIGINAL_DST/109.0.0.110 text/html
> WARNING: Forwarding loop detected for
из-за чего это может быть? и как это можно исправить, что бы все заработало