[squid-users] Transparent proxy before NAT
Yuri Voinov
yvoinov at gmail.com
Mon Jul 13 20:23:41 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Note:
If you want to use two NIC onto Squid box, you need to configure this
box TCP stack as a static router.
But more better to aggregate both NIC and connect router and squid box
with switch.
14.07.15 2:15, John Pearson пишет:
> Hi Everyone,
>
> My setup is: Internet <--> Squid-eth0 <--> Squid-eth1 <--> Router <-->
> Devices
>
> Currently the Router is doing NAT and DHCP for the devices connected
to it.
> Squid is in transparent mode. I set up a bridge ( br0). I set up the
> ebtables and iptables. It works but I want to figure out a way without
> having to configure Squid server or Router with hardcoded addresses.
>
> I have it working with either setup:
> 1. Remove the bridge ( br0) and setup the Squid server eth1 as a static IP
> address and set Squid server IP address as gateway in Router settings.
> 2. Since Squid server is in bridge mode, I can hard code IP address in a
> Squid ACL as all traffic appears to come this IP address from the router.
>
> I want a way to do this without any setup, basically to take a Squid box
> and place it before a Router. Is there a way to do this ?
>
> A few ideas that might be wrong:
> 1. In bridge mode, http_access allow CURRENTIPADDRESS ( CURRENTIPADDRESS
> is the dynamic IP address provided the ISP ) Is there a way to obtain this
> in the squid.conf file ?
> 2. Setup a DHCP server alongside Squid server and have Squid(DHCP) <-->
> Router(DHCP, NAT) and have same dhcp address given to the Router in
> squid.conf as http_access allow localnet
>
> Thanks in advance!
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJVpB5MAAoJENNXIZxhPexGedUH/j3tw39S2TmmU+NR/Y/ERvWK
xLwn+ixsahMtsV26M7Petp58D4mJp8ZZclFl1xf5MxOfyRv5c/n6U090asy08TRu
KBrC0rHwJr76tdRsNqLeKmGOKejGKh7H8Y24j8TZ+8dYA2Csv4DK5O8VXQAaTB9w
NIdsszXUvv2I9HtF+CPWbmIjljG0IzpqKKDMoEZtkhJXOoSzGYCO9HXNqF7H22Kz
6C7EOtOOUpu635I6IL1QLbkuoBNHgTuO4bVC8pa3unCGSdCDwOPPRbivcNEOI90x
dl5ehT7W2hQ1pZze7p5Wiy2h4AnyXc5c7bzZNOTE5JF95Kw+45Q/fRRbvXUhv/c=
=zEMT
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150714/916ea42a/attachment.html>
More information about the squid-users
mailing list