Hello all,
First I would like to thank all the squid/tproxy developers for their
wonderful work.
I have one question about squid and tproxy. Given a typical LAN setup
sharing a single Internet connection through a NAT gateway/firewall,
with squid itself running on the gateway machine, working in
interception mode, does it make sense to use TPROXY? AFAIK, all the
traffic after the NAT firewall won't retain any client address anyway,
whether it appears to be from squid, or from the client.
---------------
http | NAT gateway | |--- client1
server ----WAN---| firewall |---LAN---|--- client2
| with squid | |--- client3
| Linux 2.6.x |
---------------
The current squid interception FAQ only provides tproxy configuration
example using a router and a separate squid machine.
Best regards,
Xudong Guan
