On Wed, Mar 23, 2005 at 01:24:20PM -0600, Grant Taylor wrote:
> 1) REDIRECT or DNAT traffic coming from the client machine to proxy with a
> known address.
> 2) SNAT traffic coming from the proxy with a known address back to an
> address the client machines are expecting. I'm not sure as of how to do
> this as the source address that they are expecting will be different
> depending on where they are trying to connect to. Seeing as how Squid can
> correctly transparent proxy traffic when it is on the correct subnet I'm
> going to assume that it knows how to handle this issue.
i didn't read the original post (or re-posts thereafter, as i have
nothing of value to add to a bridging question), but i can add this to #2
there...in the case of REDIRECT--the client is expecting a response from
the target web server--so a SNAT doesn't make sense in that scenario,
as it would be pretty much guaranteed to break the communication.
REDIRECT is a whole different beast from DNAT.
-j
--
"Facts are meaningless. You could use facts to prove anything that's
even remotely true!"
--The Simpsons
