On 26/07/2012 8:43 p.m., Graeme Dargie wrote:
> Hi all
>
> I have squid setup on a pfsense box that is running openvpn, the VPN is configured to send specific traffic via the VPN but not web traffic, when I enable squid web traffic is being routed via the VPN despite there being a firewall rule to force it via the normal wan interface. I do not see anything in the squid config pages that let me force squid to use the wan interface, is there some sort of optional config command to allow this?
Squid does not have direct access to any part of the kernel routing
system which allows it to determin things as low-level as which
interface is used.
The normal way to do it is to configure the OS routing rules to make
their decision based on what PID/process-name is sending the packets.
They are teh place where outgoing IP and interfaces are set.
All we have to play with at the Squid level are:
tcp_outgoing_address - to determine what IP Squid sends from
tcp_outgoing_tos - to determine what TOS flags are set
Amos
Received on Thu Jul 26 2012 - 12:37:35 MDT
This archive was generated by hypermail 2.2.0 : Fri Jul 27 2012 - 12:00:02 MDT