Re: Cisco redirection working

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sun, 08 Feb 1998 09:24:17 +0100

Watch out for looping connections with this setup. If someone requests
http://your.squid.proxy/ it will call it self recursively.

I would feel much safer if you'd ran squid on port 3128, and use ipfwadm
-r 3128 to redirect the traffic.

If your squid host has a IP in any of these networks, you should also
add a explicit rule allowing traffic addressed to the squid-host
throught without being redirected. Redirecting local traffic can be very
confusing at best.

---
Henrik Nordström
Sparetime Squid Hacker
Brian wrote:
> ipfwadm -I -a accept -r -P tcp -S 208.206.76.0/24 -D any/0 www
> ipfwadm -I -a accept -r -P tcp -S 208.214.44.0/24 -D any/0 www
> ipfwadm -I -a accept -r -P tcp -S 208.214.45.0/24 -D any/0 www
> ipfwadm -I -a accept -r -P tcp -S 208.232.62.0/24 -D any/0 www
> ipfwadm -I -a accept -r -P tcp -S 208.232.63.0/24 -D any/0 www
Received on Sun Feb 08 1998 - 00:29:47 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:48 MST