On Fri, 27 May 2005, Jan Engelhardt wrote:
> Can Squid3 "spoof" the IP when it connects to the parent cache? This would
> work in practice, because the network is laid out for such, that all packets
> have to pass the intermediate squid.
There is two ways of doing this:
a) Linux TPROXY, with support in the application. To my knowledge there
is no TPROXY patch to Squid-3.
b) Use of a large number of "private" addresses in tcp_outgoing_address,
NAT:ed to the clients real IPs before the requests reach the parent.
Regards
Henrik
Received on Wed Jun 15 2005 - 14:55:41 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Jul 01 2005 - 12:00:02 MDT