[squid-users] NAT port translation

Hi,

I have the following setup:

Users <---> FW <---> Squid <---> Internet

1) The firewal (FW) interface, facing Squid is configure with PAT.
2) Squid is listening at port 8080.

When I execute "netstat -na" on squid, I see a lot of session established
from FW to Squid and Squid to Internet.

May I know to identify the actual session from FW to Internet. Take note my
FW is doing a PAT.

This is what appear in "netstat -na":

Squid IP address facing FW -- 10.10.10.2
FW IP address facing squid -- 10.10.10.1
Squid External IP address facing Internet -- 10.10.20.1
Internet IP address are public IPs

Local Address -- Foreign Address
10.10.10.2:8080 -- 10.10.10.1:12312
10.10.10.2:8080 -- 10.10.10.1:22341
10.10.10.2:8080 -- 10.10.10.1:33810
10.10.10.2:8080 -- 10.10.10.1:33879
...
10.10.20.1:22091 -- InternetIP1:12312
10.10.20.1:22092 -- InternetIP2:22341
10.10.20.1:22093 -- InternetIP3:33810
10.10.20.1:22109 -- InternetIP4:33879
..

My access.log access logs are not help, all I can is only the FW IP address
(10.10.10.1) (PAT).
1231231231.004 5678 10.10.10.1 TCP_MISS ......
1231231567.020 23 10.10.10.1 TCP_MISS ......
1231231688.027 69 10.10.10.1 TCP_MISS ......
1231231899.004 430 10.10.10.1 TCP_MISS ......

Is there a way to find out how Squid translate internally, meaning session
from "10.10.10.1:22341" is the same session for "10.10.20.1:22092".

Thanks,

Andy
Received on Mon Dec 06 2004 - 07:04:32 MST