Thanks Bazsi. Does it mean that the patch wont work in a WCCP configuration? Because with WCCP, the proxy cannot be the router nor can it be inline with the router. Googling on this problem led me to this link :
I am unable to figure out how Squid in WCCP mode can work with the patch. What I am trying to do is something similar.
----- Original Message ----
From: Balazs Scheidler
<bazsi@balabit.hu>
To: Jojy Varghese <jojygv@yahoo.com>
Cc: tproxy@lists.balabit.hu
Sent: Friday, August 17, 2007 12:14:13 AM
Subject: Re: [tproxy] TPROXY + Arp Table
On Thu, 2007-08-16 at 13:21 -0700, Jojy Varghese wrote:
> Thanks Bazsi. In a real life scenario, where my proxy server will be
> inside a firewall how can the proxy server make the routing decision?
> The trafic is always going to flow through the firewall/router and
> then come to the subnet having the proxy server.
In order for tproxy to work the traffic must flow through the tproxy
box. Either install the proxy on the firewall, or put it in-line with
the firewall. That's the only way to do it.
With Zorp you could script a different scenario, but I guess you are not
using Zorp as a firewall.
--
Bazsi