On 12/01/18 01:08, Antony Stone wrote:
On Thursday 11 January 2018 at 13:02:43, Matus UHLAR - fantomas wrote:
On 11/01/18 21:50, --Ahmad-- wrote:
must the ip be attached on os interface so that squid use it as
outgoing address ? can squid use outgoing address that not being
attached to the interface ?
On Jan 11, 2018, at 12:07 PM, Amos Jeffries wrote:
No it cannot.
On 11.01.18 12:22, --Ahmad-- wrote:
is this squid limitation ?
or
kernel limitation ?
what about logical limitation? in order for software to use an IP address,
that address must be configured in the system.
I'd say it's a networking limitation. If Squid sends packets from an address
which is not on the server, where will the reply packets end up and what use
are they?
Indeed.
So to reply to Ahmad more clearly;
It is a limitation being _enforced_ by your kernel networking system.
But that is only enforcement so don't think you can just patch around
it. Patching around this one will just make you hit other errors
elsewhere with the networking systems.
The only way to send non-assigned IPs from a machine is with mechanisms
like TPROXY. Which places requirements on the *inbound* networking
operates. Those inbound requirements prohibit Squid from being
configured like you are wanting its inbound to operate.
Anyhow, I think we are getting well of track with this. My earlier
suggested config was correct and the only way to reliably do what you
said you wanted. Other problems can still occur, but are not related to
the problem you first posted nor to the config I suggested to make that
requested behaviour happen.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
