Re: Is it possible to implement ipchains and transparent proxy in onesystem.

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 08 May 2000 19:56:22 +0200

Russell Mosemann wrote:

> I don't understand how your explanation differs from mine. If the
> original (i.e., destination) server is listening on port 80, that means
> the packet will be destined for port 80. The packet will be redirected to
> the port squid is listening on (3128 by default). Squid sees a packet
> destined for port 80. Squid accepts the packet.

No again. Squid sees a request for a URL and connects to port 80 on the
server where it things the URL resides. httpd_accel_port has nothing to
do if or when a request arrives to Squid, only where Squid forwards the
requests once it has arrived to Squid.

Squid has and cannot have any control over what types of request arrives
to Squid. If Squid is listening to port 3128 then in Squids opinion the
data arriving on that port is destined there. What types of redirected
packets arrives there is entirely up to the TCP/IP implementation of the
host (i.e. ipchains) and is out of Squids control.

--
Henrik Nordstrom
Squid hacker
Received on Mon May 08 2000 - 12:08:19 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:53:24 MST