[tproxy] tproxy on firewall redirecting to squid located on different ip on same subnet

Balazs Scheidler bazsi at balabit.hu
Wed Jan 19 21:08:41 CET 2011


In this case you need to use NAT. TPROXY redirection only works within the local kernel.

----- Original message -----
> Hi Colleagues,
> First I would like to thank you for the great Tproxy that you've made.
> The idea of marking the packets and no changing of ip header is
> brilliant! I've read all information about tproxy. The most useful pages
> were: http://wiki.squid-cache.org/Features/Tproxy4
> http://www1.shorewall.net/Shorewall_Squid_Usage.html#TPROXY
> 
> still there is documented how to use tproxy when the Firewall (Gateway)
> and Squid are on the same machine.
> 
> In my case I do have 2 different servers, for Firewall (and Gateway) and
> Squid. The Firewall or Gateway doesn't permit any traffic to external
> internet. And everyone who wants internet has to setup proxy setting of
> the Squid server, which is in same subnet.
> 
> My question is: is it possible to use TPROXY for redirecting such
> traffic to the squid. If so, can you provide some useful example that I
> can apply in my case.
> 
> Thanks again and Best Regards
> Ivan Boyadzhiev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20110119/1f66de71/attachment.htm 


More information about the tproxy mailing list