On 03/04/11 18:17, cyt...@pop.com.br wrote:
Hi!
I use tproxy in my squid server for a long time, but in this days I
need to redirect some trafic to other link by selected list url in
squid.conf using ACL.
I set the tcp_outgoing_address but don't work, the trafic out by
default route.
I replace tproxy from http_port to "transparent" and
tcp_outgoing_address work fine.
The old tag "transparent" used to and currently for backward
compatibility only means NAT. It is deprecated so we can in future make
it mean real HTTP transparency some day.
Use "tproxy" for TPROXY transparent proxy or "intercept" for NAT
intercepting proxy.
Resume:
without tproxy = tcp_outgoing_address work fine!
with tproxy = tcp_outgoing_address is ignored
What is this? a bug? a bad resource? bad configure?
Design. TPROXY means spoofing the source address. Traffic entering the
Squid box is identical to traffic leaving it. It is transparent at the
IP protocol level.
You must do any NAT manipulation on the IP outside of Squid. You can
only MARK or TOS the packets at the TCP level as they leave when using
TPROXY.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.11
Beta testers wanted for 3.2.0.5
