On 16/02/20 2:58 am, Felipe Polanco wrote: > Thanks for the reply, > > Speaking strictly about TPROXY, are there any limitations compared to > regular transparent intercept? I assume that by "regular transparent intercept" you mean NAT intercept. The primary difference between TPROXY and NAT ... is that NAT is *not* "transparent". All the differences derive from that. To use TPROXY the machine running it must have the ability to spoof IPs on packets outgoing from Squid and to properly deliver them afterwards. This primarily affects Squid hosted in cloud services where that low-level control is not permitted or quite difficult. The problems NAT introduces by having a different IP address on traffic arriving at servers largely disappear. But all other issues related to middleware touching the messages in transit remain the same. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
