RE: Funky Firewall - Engineering Request

Author: David Koopman
Date:  
To: plug-discuss
Subject: RE: Funky Firewall - Engineering Request
Just a thought... there is an outgoing ip patch for qmail -
http://www.qmail.org/outgoingip.patch - which allows you to bind
qmail-remote to the interface of your choice. This is handy when you
have multiple IPs assigned to a single machine and want to pick the IP
you are going to send outbound emails from.

So, the thought is, can this same philosophy be applied to squid? You
could set up 4 instances of the squid http proxy on four different
ports. Then, each of the four machines on your network can use a
different instance of squid. Now, if you can just configure/hack squid
to use the outbound IP of your choice, you're in business.




> > On Saturday 08 January 2005 10:57, George Toft wrote:
> > I have a problem and am wondering how the brightest Linux brains of
> > Phoenix would solve it.
> >
> > Problem:
> > A certain web site that my family enjoys will not allow multiple
> > computers from the same IP address to use the site at the same time. I
> > currently have a Linux firewall with 2 NICs - one for the Internet and
> > one for my LAN running NAT so all of my systems have the same public IP
> > address.
> >
> > Qwest allows me 4 IP addresses, and I would like to take advantage of
> > them so we can have more than one computer at the site at one time.
> >
> >
> > Problem Statement:
> > Build a firewall that:
> > 1. Allows each computer on the LAN to send traffic out a different IP
> > address on the Internet side of the firewall.
> > 2. Filters all outgoing traffic through DansGuardian/squid.
> >
> > Essentially, each computer in the house would appear to have its own NAT
> > firewall, and I don't want to actually deploy 3 more hardware firewalls.
> >
> >
> > Random thoughts so far:
> > 1. Set up box with 4 copies of VMWare running - each with a copy of the
> > existing firewall.
> >
> > 2. Set up usermode Linux and have each one run a firewall & proxy. I'm
> > pretty fuzzy on this stuff.
> >
> > 3. Bind multiple IPs to each NIC, and attempt to set up the iptables
> > script from hell.
> >
> >
> >
> > Any input/suggestions/advice would be appreciated.
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
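
Added example, not part of the original thread: a squid.conf sketch of the per-port idea above, using Squid's own tcp_outgoing_address directive instead of a source patch, and a single Squid instance with four listening ports rather than four instances. The addresses are constructed: 203.0.113.1-4 stand in for the four public IPs (assumed to be already configured on the Internet-side interface), 192.168.1.1 for the firewall's LAN address, and the ACL names are hypothetical.

```conf
# Listen only on the LAN-side address so the proxy is not reachable
# from the Internet side of the firewall.
http_port 192.168.1.1:3128
http_port 192.168.1.1:3129
http_port 192.168.1.1:3130
http_port 192.168.1.1:3131

# Who may use the proxy at all.
acl lan src 192.168.1.0/24

# One ACL per listening port. "localport" is the ACL type in Squid 3.2
# and later; older releases call the same ACL type "myport".
acl port_a localport 3128
acl port_b localport 3129
acl port_c localport 3130
acl port_d localport 3131

http_access allow lan
http_access deny all

# The first matching line decides the source address Squid binds to
# for the outbound connection.
tcp_outgoing_address 203.0.113.1 port_a
tcp_outgoing_address 203.0.113.2 port_b
tcp_outgoing_address 203.0.113.3 port_c
tcp_outgoing_address 203.0.113.4 port_d
```

Each LAN machine is then pointed at its own port. Selecting by port rather than by client address keeps working when a content filter sits in front of Squid, because Squid then sees the filter's address as the client for every request.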

