Vapourmike wrote:
> Hi,
>
> So assuming this then, I could potentially change the IP address on an
> hourly basis? do you have an example ACL rule I could use that would change
> the IP based upon time? Im a complete beginner at SQUID and thus I havnt
> even setup the IP's (if I have to), I literally installed via YUM and
> changed a few settings (such as forward_for and via). so in short ...
>
> Do I need to declare the IP's? and do you have an example ACL?
>
First have a look at the FAQ section on ACLs...
http://wiki.squid-cache.org/SquidFaq/SquidAcl
...especially the part dealing with time-based access...
http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-ef469ed90b785ebb496c66523bb69030e0b7c906
...and finally the tcp_outgoing_address directive...
http://www.squid-cache.org/Doc/config/tcp_outgoing_address/
Just be aware, even though HTTP is stateless, there are any number of
sites and applications that use cookies to track a "session" and do not
play nice when that "session" changes source IP in the middle of the
transaction. You might want to use a combination of dstdom_regex and
tcp_outgoing_address (all domains starting with "a" go through the first
IP, all domains starting with "b" go through the second, etc.), or use a
src ACL to send each client out a specific IP. Otherwise, have your
clients pick an IP to connect to at random (using a proxy.pac or DNS
round robin) and base the tcp_outgoing_address on a myip ACL.
> Thanks
> Mike
>
> P.S Thanks for the swift reply, appreciated
Chris
Received on Wed Sep 16 2009 - 18:00:15 MDT
This archive was generated by hypermail 2.2.0 : Thu Sep 17 2009 - 12:00:02 MDT