Re: [squid-users] Disabling NAT

I think you are running transparent proxy, If yes. Then you have placed
/proc/sys/net/ipv4/ip_forward 1.
It mean your proxy can forward packets... like router. In Linux world simply
placing 1 in this file mean your Linux machine like router... so if someone
set your proxy as gatway then can redirect packets. for this you will have
to place firewall rule . Tell me which OS you are using and what is the
kernel.?

Best Regs,
Masood Ahmad Shah
System Administrator

^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| * * * * * * * * * * * * * * * * * * * * * * * *
| Fibre Net (Pvt) Ltd. Lahore, Pakistan
| Tel: +92-42-6677024
| Mobile: +92-300-4277367
| http://www.fibre.net.pk
| * * * * * * * * * * * * * * * * * * * * * * * *
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
Free Microsoft support: Retry, Reboot, Reinstall.

----- Original Message -----
From: "Henrik Nordstrom" <hno@squid-cache.org>
To: "Frank Chibesakunda" <fchibesakunda@zesco.co.zm>
Cc: <squid-users@squid-cache.org>
Sent: Thursday, May 08, 2003 3:15 PM
Subject: Re: [squid-users] Disabling NAT

| tor 2003-05-08 klockan 10.34 skrev Frank Chibesakunda:
| > how do i disable NAT please, i need it disabled. am running squid
|
| If you are talking about the fact that requests proxied via Squid will
| have the source IP address of your Squid server and not the original
| client then this is not NAT but an effect of proxying. Proxies run at
| the application level, not network or packet level. The client contacts
| the proxy and kindly asks the proxy to connect to the requested
| resource. When the proxy fetches the requested URL it acts as a
| representative/delegate for the client, not the client.
|
| To allow the destination server to get information about who contacted
| Squid and requested the URL Squid adds a X-Forwarded-For header to the
| request headers, carrying the IP address Squid got the request from,
| similarly to how a representative usually indicates who he represents.
|
| Regards
| Henrik
|
| --
| Donations welcome if you consider my Free Squid support helpful.
| https://www.paypal.com/xclick/business=hno%40squid-cache.org
|
| Please consult the Squid FAQ and other available documentation before
| asking Squid questions, and use the squid-users mailing-list when no
| answer can be found. Private support questions is only answered
| for a fee or as part of a commercial Squid support contract.
|
| If you need commercial Squid support or cost effective Squid and
| firewall appliances please refer to MARA Systems AB, Sweden
| http://www.marasystems.com/, info@marasystems.com
|
|
Received on Thu May 08 2003 - 05:14:45 MDT