I need to transparently proxy traffic, and the best way to do this seems to be to use tproxy, since that allows IPv6 traffic to be supported. However, when using tproxy, Squid spoofs the client's source address when making the connection to the web server - this is something I don't need, and breaks requests that end up going to web servers on the local network since the return traffic from the web server ends up going straight back to the client instead of back to Squid.
So far the only way I've found to disable the spoofing behaviour is to send the traffic via a non-transparent upstream proxy. Is there some way to turn off source address spoofing without using a second proxy?
-- - Steve Hill Technical Director Opendium Limited http://www.opendium.com Direct contacts: Instant messager: xmpp:steve@xxxxxxxxxxxx Email: steve@xxxxxxxxxxxx Phone: sip:steve@xxxxxxxxxxxx Sales / enquiries contacts: Email: sales@xxxxxxxxxxxx Phone: +44-844-9791439 / sip:sales@xxxxxxxxxxxx Support contacts: Email: support@xxxxxxxxxxxx Phone: +44-844-4844916 / sip:support@xxxxxxxxxxxx
