[squid-users] iptables setup for tcp_outgoing_address
Antony Stone
Antony.Stone at squid.open.source.it
Fri Jun 15 22:54:49 UTC 2018
On Saturday 16 June 2018 at 00:42:57, davidjesse091 at aol.com wrote:
> I have two network interfaces on my machine. I'm trying to setup incoming
> through the enp1s0's IP address and if the connection comes from port
> 11000 then I want squid to use wlx74da388c32c7's IP address.
> IPs on my machine
> 2: enp1s0:
> inet 192.168.1.212/24 brd 192.168.1.255 scope global enp1s0
> 3: wlx74da388c32c7:
> inet 172.16.11.107/24 brd 172.16.11.255 scope global dynamic
> I want to connect to Squid proxy using the 192.168.1.212 and if I am
> connecting using port 11000, I want squid to have the traffic go out of
> the 172.16.11.107 IP
That makes no sense to me.
If I understand you correctly, it will also make no sense to the machine
connecting to your Squid proxy.
Squid must reply to the client from the same address as the client connected
to Squid on.
In other words, if you get a connection in to Squid on IP 192.168.1.212 port
3128 then you must also reply (to whichever client sent that request) from IP
192.168.1.212 port 3128.
If Squid is going to reply from IP 172.16.11.107 then then request needs to
come in to IP 172.16.11.107 in the first place.
Nothing else can work in TCP/IP terms.
If I have misunderstood, please explain in more detail what you are trying to
achieve.
Antony.
--
I want to build a machine that will be proud of me.
- Danny Hillis, creator of The Connection Machine
Please reply to the list;
please *don't* CC me.
More information about the squid-users
mailing list