[tproxy] tproxy on firewall redirecting to squid located on different ip on same subnet

Pejman Moghadam pmoghadam at yahoo.com
Sun Jan 23 06:21:28 CET 2011

I've done something like this with policy routing (ip rule/ip route) on firewall. i didn't check the performance, but you can find my complete example here :
search for "Linux Router / cache-redirect" to see the script that do actual policy routing.

Pejman Moghadam

--- On Wed, 1/19/11, Ivan Boyadzhiev <ivancho.b at gmail.com> wrote:

From: Ivan Boyadzhiev <ivancho.b at gmail.com>
Subject: [tproxy] tproxy on firewall redirecting to squid located on different ip on same subnet
To: tproxy at lists.balabit.hu
Date: Wednesday, January 19, 2011, 5:33 PM

Hi Colleagues,
First I would like to thank you for the great Tproxy that you've made. The idea of marking the packets and no changing of ip header is brilliant!
I've read all information about tproxy. The most useful pages were:


still there is documented how to use tproxy when the Firewall (Gateway) and Squid are on the same machine.

In my case I do have 2 different servers, for Firewall (and Gateway) and Squid. The Firewall or Gateway doesn't permit any traffic to external internet. And everyone who wants internet has to setup proxy setting of the Squid server, which is in same subnet.

My question is: is it possible to use TPROXY for redirecting such traffic to the squid. If so, can you provide some useful example that I can apply in my case. 

Thanks again and Best Regards
Ivan Boyadzhiev

-----Inline Attachment Follows-----

tproxy mailing list
tproxy at lists.balabit.hu

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20110122/284cbea5/attachment.htm 

More information about the tproxy mailing list