[squid-users] iptables setup for tcp_outgoing_address

davidjesse091 at aol.com davidjesse091 at aol.com
Fri Jun 15 22:42:57 UTC 2018


I have two network interfaces on my machine. I'm trying to setup incoming through the enp1s0's IP address and if the connection comes from port 11000 then I want squid to use wlx74da388c32c7's IP address.
IPs on my machine
root at poweredge:/var/log/squid# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:1e:4f:cd:c1:5f brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.212/24 brd 192.168.1.255 scope global enp1s0
       valid_lft forever preferred_lft forever
    inet6 fe80::21e:4fff:fecd:c15f/64 scope link 
       valid_lft forever preferred_lft forever
3: wlx74da388c32c7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 74:da:38:8c:32:c7 brd ff:ff:ff:ff:ff:ff
    inet 172.16.11.107/24 brd 172.16.11.255 scope global dynamic noprefixroute wlx74da388c32c7
       valid_lft 3531sec preferred_lft 3531sec
    inet6 fe80::4e86:c190:1e45:4722/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

I want to connect to Squid proxy using the 192.168.1.212 and if I am connecting using port 11000, I want squid to have the traffic go out of the 172.16.11.107 IP
Below is the relevant part of my squid.conf
http_port 11000 name=port_11000
acl port_11000_acl myportname port_11000
tcp_outgoing_address 172.16.11.107 port_11000_acl

>From what I have read the above configuration should be enough for Squid, but on Linux machines, I also need to use iptables. I have never used IP tables.
What would I need to do with iptables to make this work?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180615/c23e60c5/attachment-0001.html>


More information about the squid-users mailing list