[tproxy] New challenge: a design issue
KOVACS Krisztian
hidden at sch.bme.hu
Mon Dec 17 15:19:55 CET 2007
Hi,
On Thu, Dec 13, 2007 at 02:24:53PM +0800, Ming-Ching Tiew wrote:
> From: "Ming-Ching Tiew" <mingching.tiew at redtone.com>
> > However, in tproxy4 this feature cannot coexist with
> > early spoofing. Either I use squid's tcp_outgoing_address
> > or I used the spoof-ed sender address. And for tproxy users,
> > spoofing sender address is more important, and therefore
> > there is no way to use squid's ACL to influence the outgoing
> > path. All outgoing path decisions will have to be made
> > external to squid then.
>
> I think I will work around this problem using TOS then,
> since squid support TOS setting, ie all tcp_outgoing_address
> settings will be ignored and squid will incluence the external
> route using TOS setttings.
Yes, this is clearly the way to go.
--
KOVACS Krisztian
More information about the tproxy
mailing list