senthil wrote:
> HI
>
> I have installed Tproxy 4 .
>
> I have done all the prerequisites like compiling kernel and installing
> iptables 1.4 etc
>
> When i create Bridge i cant able to browse in private ip
>
> My network :
>
> Internet ---> (eth1)squid machine(eth0)------>test client
>
> eth1 -public ip
>
> eth0 and test client ip ---->private in 172 series
>
> But i able to browse in public ip and access is seen in log of squid
So if I understand you correctly, ... when you attempt to use a private
non-Internet IP address on the public Internet it fails?
Things to know:
* bridging is based around preserving the IP address unchanged across
the machine.
* TPROXY is based around preserving the IP address across the machine.
172 series IP addresses require NAT to contact the Internet.
* NAT is based around destroying the IP address. But maintaining
information such that any response can be copied back to the right client.
Since you have 172.* addresses coming in one side and being NAT'd I
advise dropping the bridge and tproxy usage. There is no point in going
to extreme lengths to preserve the IP address at such low level only to
destroy it as soon as it exits Squid.
The NAT interception setup for Squid should be sufficient.
Amos
-- Please be using Current Stable Squid 2.7.STABLE7 or 3.0.STABLE23 Current Beta Squid 3.1.0.16Received on Thu Feb 11 2010 - 09:01:07 MST
This archive was generated by hypermail 2.2.0 : Thu Feb 11 2010 - 12:00:04 MST