Lets rewind... *Why* do a you have this requirement at all? Why have a server connected to IPv4 which is not permitted to use IPv4 ? On 2/11/2015 11:50 p.m., Robert Conlustro wrote: > Thank you for all the great information. I understand the squid will > automatically use IPv6 before IPv4 if the server has both but I want > squid to reject a server if it only has IPv4 and only allow IPv6 > connectivity. The only real problem I’m facing is that the main IPv4 > address of the squid server is being used to connect through when > there is no IPv6 connectivity on the server. You did not specify any IPv4 address Squid was to use for its outbound connections. So the OS kernel will pick whatever it likes to use for that destination. The Internet works that way, why break it? > I want to prevent the > use of the main IPv4 address altogether. I tried to make the main > IPv4 address of the server an outgoing address and then I blocked > that address but that didn’t work. It would seem you did not do it properly. Please explain "didn't work". This works for me to prevent outgoing traffic using 192.0.2.1: iptables -I OUTPUT 1 -p udp -s 192.0.2.1 -j REJECT iptables -I OUTPUT 1 -p tcp -s 192.0.2.1 -j REJECT Though a FAR better solution is to not even assign an unusable IP address to the machine. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
