Henrik Nordstrom wrote:
> On Thu, 26 May 2005, Matus UHLAR - fantomas wrote:
>
>> I'm afraid there's nothing like reverse intercepting proxy although it's
>> possible to do it. Maybe some hardware proxying solutions...
>
>
> There is the TPROXY patch for Linux.
>
> Another option is tcp_outgoing_address combined with NAT outside the
> proxy. Set up one private tcp_outgoing_address per client IP and then
> NAT these to the real client IP before the traffic leaves your network.
[So is patching with the tproxy patch one of the options or both
combined with the tcp_outgoing_address?]
>
>
> Both has very strict requirements on your networking setup as all
> return traffic must go via the proxy even if the destination IP is the
> client IP.
[You are right all traffic passes through the proxy.Is it okay if I do
the NATING on the same box as squid or some other box has tobe setup?
You will excuse me for insisting I can't stop usind squid just beacuse
of some sites blocking my squid box next time I rather they block a
particular host or network.Please advise.
Thanks
Ronny]
>
>
> Regards
> Henrik
>
-- *************************************************************************** / ''We can't become what we need to be by remaining what we are''\ \ ,, ,,/ ***************************************************************************Received on Sun May 29 2005 - 04:31:20 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:03 MDT