[squid-users] source spoofing without tproxy?
David Kewley
dkewley at uci.edu
Tue Jun 13 01:48:01 UTC 2017
I want my clients to explicitly address squid as a proxy (not use tproxy),
but have squid spoof the source addresses in the forwarded connection, so
that further hops know the original source address from the IPv4 headers.
I could find no indication that anyone else has done this, and when I tried
various things, I could not get it working.
Is this possible today? If not, is it worth considering as a future
feature? Or am I overlooking a reason that this cannot work even in theory?
I got the nearly-equivalent functionality working for reverse proxying
using nginx, but so far I've found no way to do it with forward proxying.
Nginx doesn't do https forward proxying (no handling of CONNECT).
If squid can't do what I'm looking for today, I would welcome pointers to
other possible approaches.
Thanks,
David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170612/bedabc4e/attachment-0001.html>
More information about the squid-users
mailing list