[squid-users] squid "internal?" loop - with no firewall nat going on..?
Antony.Stone at squid.open.source.it
Tue Mar 10 15:36:31 UTC 2015
On Tuesday 10 March 2015 at 15:32:25 (EU time), Amos Jeffries wrote:
> On 11/03/2015 3:18 a.m., Antony Stone wrote:
> > On Tuesday 10 March 2015 at 15:09:14 (EU time), Klavs Klavsen wrote:
> >> so intercept mode is only used, if you actually do the nat'ing on the
> >> same server as squid is running..
> > You can do the NATting somewhere else; the important point is that the
> > traffic must be NATted, not direct.
> Nope. If NAT is being performed, then it must be on the same machine as
> the proxy it is NATing *to* - haproxy in this case it seems.
> NATing on machine A to port-forwarding deliver the traffic to a port on
> machine B is no different to contacting directly to the same port on
> machine B.
Hm, apologies for the misleading advice; I suspect this may be due to changes
in Squid's handling of things since I last set up a router redirecting traffic
to a separate Squid box. Either that, or my brain has simply discarded some
details in the interim... :(
Anyway, Klavs, please take Amos' advice over mine on this.
It is also possible that putting the birds in a laboratory setting
inadvertently renders them relatively incompetent.
- Daniel C Dennett
Please reply to the list;
please *don't* CC me.
More information about the squid-users