[tproxy] New challenge: a design issue
mingching.tiew at redtone.com
Thu Dec 13 07:24:53 CET 2007
From: "Ming-Ching Tiew" <mingching.tiew at redtone.com>
> However, in tproxy4 this feature cannot coexist with
> early spoofing. Either I use squid's tcp_outgoing_address
> or I used the spoof-ed sender address. And for tproxy users,
> spoofing sender address is more important, and therefore
> there is no way to use squid's ACL to influence the outgoing
> path. All outgoing path decisions will have to be made
> external to squid then.
I think I will work around this problem using TOS then,
since squid support TOS setting, ie all tcp_outgoing_address
settings will be ignored and squid will incluence the external
route using TOS setttings.
More information about the tproxy