Search squid archive

Re[4]: [squid-users] Non-transparent port works, transparent doesn't

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> > I.e. I can't put my transparent proxy to internet, I need it to be in
> > same IP space as my network interface?
> 
>  You can put it anywhere you like. There are only two requirements:
> 
>   1) NAT happens on the same OS.
>      So Squid can have direct access to the NAT data to undo the
>  destination IP erasure.
> 
>   2) Squid needs access to the same DNS as the clients.
>      To verify the packets destination IP matches the HTTP requested
>  domain.

But I can't redirect to outer networks using policy routing, only to gateways I have direct access to. I.e. not Internet.
I have a rented Linux machine out there in the Internet, to route packets there I'd need access to all ISP's gateways.
NAT seems to be my only option to send packets there.

And can I trick squid by putting same iptables rules to that machine? 
Or by another NAT, like one machine NATs to port 3129, and on squid machine it NATs to 3128?



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux