On Mon, 31 Aug 2009 15:25:32 +0300, "Alans" <batpower83_at_yahoo.co.uk> wrote:
> Hi,
>
> I'm new to Squid and Iptable, I have some questions:
> 1. TPROXY is used so that squid go to internet with different IPs,
> right?
> 2. How to check if TPROXY is used with Iptable?
> 3. If it's, then is there any other ways to go out with different IPs
> each time other than TPROXY?
>
> Regards,
> Alans
TPROXY is done by the kernel outside of Squid. The IPs are already changed
by the time they arrive, all Squid does is use the socket IP_TRANSPARENT
test to see if they arrived via TPROXY and set the same flag on the
outbound links. The kernel will kill the TCP open attempt if the IPs used
on outbound do not match any IPs it sent to Squid.
Contact the kernel people for any more details.
Amos
Received on Tue Sep 01 2009 - 05:52:41 MDT
This archive was generated by hypermail 2.2.0 : Tue Sep 01 2009 - 12:00:04 MDT