[squid-dev] What should we do about these *wrong* wiki articles?
Eliezer Croitoru
eliezer at ngtech.co.il
Sat Jul 22 21:22:49 UTC 2017
As I understood the article the DNAT is from another box ie "the router" to the squid box.
If I understood it wrong and didn't read properly I will re-read them and see in what I am wrong.
Squid doesn't like to act as intercept proxy and to have the destination ip and port as itself ie:
Client ip is 192.168.0.30
Squid ip is 192.168.1.40
Router sits at 192.168.0.254
Router does DNAT form 192.168.0.0/24 dst port 80 to squid ip:port ie 192.168.1.30:3129
Am I missing something about this wrong picture?
Thanks,
Eliezer
----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il
-----Original Message-----
From: Amos Jeffries [mailto:squid3 at treenet.co.nz]
Sent: Friday, July 21, 2017 17:15
To: Eliezer Croitoru <eliezer at ngtech.co.il>; squid-dev at lists.squid-cache.org
Subject: Re: [squid-dev] What should we do about these *wrong* wiki articles?
On 22/07/17 01:54, Eliezer Croitoru wrote:
> It's not the MASQARADE that is bad....
> It's the DNAT rule which removes the original destination ip and port.
>
I fail to see how NAT behaving as NAT always has done makes those articles *about NAT features* "aren't up-to-date and are misleading admins"
Amos
More information about the squid-dev
mailing list