On 3/05/2014 11:46 a.m., Soporte Técnico wrote: > Hi people, i had a couple of freebsds boxes with squid 2.7 transparent mode > running, i recently see zph configuration directive, i didn´t know about > that. > > The question is: zph override source ip from cached HIT object? No. ZPH does nothing with IPs. All it does is set the TOS/DiffServ value on packets leaving Squid. > > I had no mikrotik hardware runing together, so i had firewall rules (ipfw) > that allow traffic in my internal network, if i enable zph as: > > #ZPH CONFIGURATION > zph_mode tos > zph_local 0x30 > > > Cached objects are going to have source ip origin with my squid box ip? Cached objects do not have IPs. *Packets* will follow the rules you setup for the "transparent" interception. If you make those rules depend on the TOS value set by ZPH then you have done the interception wrong - *all* traffic returning to the client from Squid needs TOS marking, not just the packets containing HIT objects. Amos