Rephrase the "cheap nationally" into "cheat inernationally".
---- Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ngtech.co.il -----Original Message----- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Eliezer Croitoru Sent: Wednesday, June 14, 2017 11:09 AM To: 'David Kewley' <dkew...@uci.edu>; squid-users@lists.squid-cache.org Subject: Re: [squid-users] source spoofing without tproxy? Hey, This is a library I wrote that uses tproxy: https://github.com/elico/go-linux-tproxy It’s doable using some enthusiasm but technically you cannot spoof just any IP since you need to be able to receive back this traffic. You cannot really "cheap nationally" the BGP protocol but only for specific small areas which are all under your "domain" and management. All The Bests, Eliezer ---- http://ngtech.co.il/lmgtfy/ Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ngtech.co.il From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of David Kewley Sent: Tuesday, June 13, 2017 4:48 AM To: squid-users@lists.squid-cache.org Subject: [squid-users] source spoofing without tproxy? I want my clients to explicitly address squid as a proxy (not use tproxy), but have squid spoof the source addresses in the forwarded connection, so that further hops know the original source address from the IPv4 headers. I could find no indication that anyone else has done this, and when I tried various things, I could not get it working. Is this possible today? If not, is it worth considering as a future feature? Or am I overlooking a reason that this cannot work even in theory? I got the nearly-equivalent functionality working for reverse proxying using nginx, but so far I've found no way to do it with forward proxying. Nginx doesn't do https forward proxying (no handling of CONNECT). If squid can't do what I'm looking for today, I would welcome pointers to other possible approaches. Thanks, David _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
