[squid-users] squid "internal?" loop - with no firewall nat going on..?

Amos Jeffries squid3 at treenet.co.nz
Tue Mar 10 14:32:25 UTC 2015

On 11/03/2015 3:18 a.m., Antony Stone wrote:
> On Tuesday 10 March 2015 at 15:09:14 (EU time), Klavs Klavsen wrote:
>> so intercept mode is only used, if you actually do the nat'ing on the
>> same server as squid is running..
> You can do the NATting somewhere else; the important point is that the traffic 
> must be NATted, not direct.

Nope. If NAT is being performed, then it must be on the same machine as
the proxy it is NATing *to* - haproxy in this case it seems.

NATing on machine A to port-forwarding deliver the traffic to a port on
machine B is no different to contacting directly to the same port on
machine B.


