ons 2007-04-11 klockan 18:23 +0100 skrev Xudong Guan: > Hello all, > > First I would like to thank all the squid/tproxy developers for their > wonderful work. > > I have one question about squid and tproxy. Given a typical LAN setup > sharing a single Internet connection through a NAT gateway/firewall, > with squid itself running on the gateway machine, working in > interception mode, does it make sense to use TPROXY? Not on a NAT gateway no. TPROXY makes sense if you do not NAT traffic. I.e. where the LAN clients all have public IPs. For example a proxy running at an ISP. > The current squid interception FAQ only provides tproxy configuration > example using a router and a separate squid machine. Thats because in many environments where TPROXY is interesting the network admins do not whant to route all traffic via a Linux box, just the web traffic.. But it works just as well when Squid is runnin on the router. Just less complex setup then as there is no router configuration.. (no WCCP etc). Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel