[tproxy] New challenge: a design issue

Ming-Ching Tiew mingching.tiew at redtone.com
Thu Dec 13 07:24:53 CET 2007

From: "Ming-Ching Tiew" <mingching.tiew at redtone.com>
> However, in tproxy4 this feature cannot coexist with
> early spoofing. Either I use squid's tcp_outgoing_address
> or I used the spoof-ed sender address. And for tproxy users, 
> spoofing sender address is more important, and therefore 
> there is no way to use squid's ACL to influence the outgoing 
> path. All outgoing path decisions will have to be made 
> external to squid then.

I think I will work around this problem using TOS then,
since squid support TOS setting, ie all tcp_outgoing_address
settings will be ignored and squid will incluence the external
route using TOS setttings.


More information about the tproxy mailing list