RE: Funky Firewall - Engineering Request

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: David Koopman
Date:  
To: plug-discuss
Subject: RE: Funky Firewall - Engineering Request
> So, the thought is, can this same philosophy be applied to squid. You
> could setup 4 instances of the squid http proxy on four different
> ports. Then, each of the four machines on your network can use a
> different instance of squid. Now, if you can just configure/hack squid
> to use the outbound IP of your choice, you're in business.


You can do this with squid, just set it up in the squid.conf file! The
squid.conf file indicates you can configure squid to use the outgoing
IP address of your choice, based on rules you setup. In other words,
you can setup squid to use a different outgoing IP address for each of
the computers on your network. You don't even need a separate
instances of Squid to do this!!

From squid.conf:

# TAG: tcp_outgoing_address
# Allows you to map requests to different outgoing IP addresses
# based on the username or sourceaddress of the user making
# the request.
#
# tcp_outgoing_address ipaddr [[!]aclname] ...
#
# Example where requests from 10.0.0.0/24 will be forwareded
# with source address 10.1.0.1, 10.0.2.0/24 forwarded with
# source address 10.1.0.2 and the rest will be forwarded with
# source address 10.1.0.3.
#
# acl normal_service_net src 10.0.0.0/255.255.255.0
# acl good_service_net src 10.0.1.0/255.255.255.0
# tcp_outgoing_address 10.0.0.1 normal_service_net
# tcp_outgoing_address 10.0.0.2 good_service_net
# tcp_outgoing_address 10.0.0.3
#
# Processing proceeds in the order specified, and stops at first fully
# matching line.
#
#Default:
# none


---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss