Search squid archive

Re: intercept mode gives access denied

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




You *must* perform the NAT on the machine Squid is running on for intercept
mode to work.

Doing it on any other router along the way will not work.

Unless I'm missing something, I'd phrase this differently: the NAT must not be performed between the client and Squid. Squid is indifferent if NAT occurs between itself and the server. So it's a matter of placing the two functions in the right order along the network path.

(Example: my VDSL modem performs NAT, and the intercepting Squid instance on my Linux LAN gateway box neither knows nor cares.)

If your router is some kind of Unix-like box, putting Squid on it may be the most convenient path. If the router is underpowered, the local squid can (often) be set up to avoid heavy lifting, with only a small RAM cache, and forward everything to its smarter parent. (I haven't tried this on anything in the low horsepower + high traffic realm, though.)

For a "real" router like a Cisco box, you can configure it to route appropriate traffic to the Squid box before performing NAT, using WCCP or policy-based routing, and let the router perform the NAT itself on the output of the Squid box.

Good luck!

Robert

-- 
Robert Plamondon
robert@xxxxxxxxxxxxx 

Some of my web sites:
http://nortoncreekfarm.com. Our free-range chicken/egg farm.
http://nortoncreekpress.com. My little publishing house, mostly farming books.
http://hypnosis-corvallis.com. My hypnotherapy site.
http://unlicensed-practitioner.com. Resources for Oregon's alternative/exempt practitioners.
http://plamondon.com. My main site, with lots of poultry info.
http://karls-diabetes.blogspot.com. Adventures with an autistic/diabetic child.


_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux