<table cellspacing="0" cellpadding="0" border="0" ><tr><td valign="top" style="font: inherit;">I've done something like this with policy routing (ip rule/ip route) on firewall. i didn't check the performance, but you can find my complete example here :<br>http://pmoghadam.com/blog/categories/Slackware/Squid%203.1.5.1%20-%20TPROXY%20-%20Linux%20Router.txt<br>search for "Linux Router / cache-redirect" to see the script that do actual policy routing.<br><br>Regards<br>Pejman Moghadam<br><br><br><br>--- On <b>Wed, 1/19/11, Ivan Boyadzhiev <i><ivancho.b@gmail.com></i></b> wrote:<br><blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"><br>From: Ivan Boyadzhiev <ivancho.b@gmail.com><br>Subject: [tproxy] tproxy on firewall redirecting to squid located on different ip on same subnet<br>To: tproxy@lists.balabit.hu<br>Date: Wednesday, January 19, 2011, 5:33 PM<br><br><div id="yiv1568742191">Hi
Colleagues,<br>First I would like to thank you for the great Tproxy that you've made. The idea of marking the packets and no changing of ip header is brilliant!<br>I've read all information about tproxy. The most useful pages were:<br>
<a rel="nofollow" target="_blank" href="http://wiki.squid-cache.org/Features/Tproxy4">http://wiki.squid-cache.org/Features/Tproxy4</a><br><a rel="nofollow" target="_blank" href="http://www1.shorewall.net/Shorewall_Squid_Usage.html#TPROXY">http://www1.shorewall.net/Shorewall_Squid_Usage.html#TPROXY</a><br>
<br>still there is documented how to use tproxy when the Firewall (Gateway) and Squid are on the same machine.<br><br>In my case I do have 2 different servers, for Firewall (and Gateway) and Squid. The Firewall or Gateway doesn't permit any traffic to external internet. And everyone who wants internet has to setup proxy setting of the Squid server, which is in same subnet.<br>
<br>My question is: is it possible to use TPROXY for redirecting such traffic to the squid. If so, can you provide some useful example that I can apply in my case. <br><br>Thanks again and Best Regards<br>Ivan Boyadzhiev<br>
</div><br>-----Inline Attachment Follows-----<br><br><div class="plainMail">_______________________________________________<br>tproxy mailing list<br><a ymailto="mailto:tproxy@lists.balabit.hu" href="/mc/compose?to=tproxy@lists.balabit.hu">tproxy@lists.balabit.hu</a><br><a href="https://lists.balabit.hu/mailman/listinfo/tproxy" target="_blank">https://lists.balabit.hu/mailman/listinfo/tproxy</a><br></div></blockquote></td></tr></table><br>