From: Jason Opperisano <opie@817west.com>
To: netfilter@lists.netfilter.org
Subject: Re: HELP! Transparent Proxy using bridging 2.6.9 and REDIRECT on different subnet
Date: Wed, 23 Mar 2005 14:42:07 -0500 [thread overview]
Message-ID: <20050323194207.GA23346@bender.817west.com> (raw)
In-Reply-To: <4241C264.5060800@riverviewtech.net>
On Wed, Mar 23, 2005 at 01:24:20PM -0600, Grant Taylor wrote:
> 1) REDIRECT or DNAT traffic coming from the client machine to proxy with a
> known address.
> 2) SNAT traffic coming from the proxy with a known address back to an
> address the client machines are expecting. I'm not sure as of how to do
> this as the source address that they are expecting will be different
> depending on where they are trying to connect to. Seeing as how Squid can
> correctly transparent proxy traffic when it is on the correct subnet I'm
> going to assume that it knows how to handle this issue.
i didn't read the original post (or re-posts thereafter, as i have
nothing of value to add to a bridging question), but i can add this to #2
there...in the case of REDIRECT--the client is expecting a response from
the target web server--so a SNAT doesn't make sense in that scenario,
as it would be pretty much guaranteed to break the communication.
REDIRECT is a whole different beast from DNAT.
-j
--
"Facts are meaningless. You could use facts to prove anything that's
even remotely true!"
--The Simpsons
next prev parent reply other threads:[~2005-03-23 19:42 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-03-23 17:08 HELP! Transparent Proxy using bridging 2.6.9 and REDIRECT on different subnet Trevor Paskett
2005-03-23 17:08 ` Trevor Paskett
2005-03-23 19:24 ` Grant Taylor
2005-03-23 19:42 ` Jason Opperisano [this message]
-- strict thread matches above, loose matches on Subject: below --
2005-03-23 19:18 Trevor Paskett
[not found] <2F413D5F33545D4A8465BBEE900238CC3FA777@cymmail.cymphonix.com>
2005-03-23 23:50 ` Grant Taylor
2005-03-24 0:35 ` Grant Taylor
2005-03-24 6:25 ` Grant Taylor
2005-03-24 8:50 ` Grant Taylor
2005-03-24 21:09 ` Grant Taylor
2005-03-24 19:04 Trevor Paskett
2005-03-24 19:04 ` Trevor Paskett
2005-03-25 21:30 Trevor Paskett
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050323194207.GA23346@bender.817west.com \
--to=opie@817west.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.