[tproxy] Tproxy + DNS + OpenDNS = Borked
Adrian Chadd
adrian.chadd at gmail.com
Thu May 20 02:45:52 CEST 2010
On 20 May 2010 07:55, Tristram Cheer <tproxy at tristramcheer.com> wrote:
> Is there anyway to get squid and TPROXY to spoof DNS requests to show as
> coming from the client IP and not cache the result?
With a bit of coding, sure. This has an impact on your cache contents
- since each client has a "different view" of DNS, content is going to
have to be cached according to the client themselves rather than just
globally. Also, cached content for client A that isn't filtered by
open DNS will be returned to client B that is filtered by open DNS
because cached content doesn't necessarily require constant
revalidation, and cached content w/out revalidation won't require a
DNS lookup to complete. That'll require further code changes.
You should bounce further questions like this to the squid-users@
list, rather than this list!
Adrian
More information about the tproxy
mailing list