From: Etienne Pretorius <etiennep@kingsley.co.za>
To: bridge@osdl.org
Subject: Re: [Bridge] transparent bridge and proxies
Date: Fri, 25 Aug 2006 00:42:13 +0200 [thread overview]
Message-ID: <44EE2B45.6090301@kingsley.co.za> (raw)
In-Reply-To: <m3u041yjlk.fsf@ursa.amorsen.dk>
[-- Attachment #1: Type: text/plain, Size: 1566 bytes --]
I am also all ears,
The transparent proxy without an IP address was my first attempt - but
then I succumbed to the pressures of a due date and just eventually
assigned an IP address to the bridged interfaces.
I suspect that it will have to be done with ip route 2 package - but
even the one-way NAT does not make your machine transparent as you need
to reply to ARP requests to allow the returning packet to find your
machine/application....
PS, could this list please add a reply-to field to just allow me to
reply to the list and not to the poster.... (so sorry Benny Amorsen for
the other email).
Kind Regards
Etienne
Benny Amorsen wrote:
>>>>>> "JL-S" == Julian Lyndon-Smith <asterisk@dotr.com> writes:
>>>>>>
>
> JL-S> So, I changed the ip address to 0.0.0.0. Everything except squid
> JL-S> still worked. I presume that's because it does not know how to
> JL-S> route the data to get stuff.
>
> JL-S> Can I add a rule to iptables or something to say "anything
> JL-S> that's come from eth1 into the local box, after processing send
> JL-S> to eth0" and vice-versa ?
>
> How about using 127.0.0.1 or something else on the local subnet?
> iptables should be able to redirect to that.
>
> I don't know how you'll get traffic from squid out of the box though.
> If you know a way to make squid reuse the original clients address in
> the outgoing connection, I'm all ears.
>
>
> /Benny
>
>
> _______________________________________________
> Bridge mailing list
> Bridge@lists.osdl.org
> https://lists.osdl.org/mailman/listinfo/bridge
>
[-- Attachment #2: Type: text/html, Size: 2445 bytes --]
next prev parent reply other threads:[~2006-08-24 22:42 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-08-24 17:31 [Bridge] transparent bridge and proxies Julian Lyndon-Smith
2006-08-24 18:20 ` Marek Kierdelewicz
2006-08-24 20:17 ` Benny Amorsen
2006-08-24 22:42 ` Etienne Pretorius [this message]
2006-08-24 20:17 ` Melissa Meyer
2006-08-24 22:05 ` Julian Lyndon-Smith
2006-08-24 22:34 ` Melissa Meyer
2006-08-24 22:20 ` Marek Kierdelewicz
-- strict thread matches above, loose matches on Subject: below --
2006-08-25 10:53 Skept
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44EE2B45.6090301@kingsley.co.za \
--to=etiennep@kingsley.co.za \
--cc=bridge@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.