[GRLUG] Multiple Squid Instances

Don Wood dond at standalelumber.com
Wed Jun 11 11:00:41 EDT 2008




On Wed, 2008-06-11 at 10:58 -0400, Don Wood wrote:

> Have you tried adding a route to that interface? I'm thinking without
> one it's just using NAT. 
> 
> 
> 
> 
> On Wed, 2008-06-11 at 10:01 -0400, Olding, Jim wrote: 
> 
> > I have a CentOS box running 2 instances of Squid, each one bound to a
> > separate interface:
> > 
> > Eth0 - 10.254.2.54 - 'Filtered' squid instance
> > Eth0:0 - 10.254.2.56 - 'Unfiltered' squid instance
> > 
> > The filtering is actually done by a web appliance which looks at the
> > source IP of HTTP requests and determines if they should be forwarded,
> > filtered for content, or blocked.
> > 
> > The issue I'm running into is that if a user is on the Unfiltered
> > instance, Squid is using the IP of the main interface (eth0) and not the
> > virtual interface it is bound to (eth0:0) for outbound requests.
> > Therefore, the web filter appliance sees the request coming from
> > 10.254.2.54, which matches its 'web filter' rule, and it blocks some
> > things that shouldn't be blocked.
> > 
> > Does anyone know any way to get squid to maintain the IP address of the
> > interface it is listening on in its outbound HTTP requests?
> > _______________________________________________


Gah! I top posted! Sorry.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shinobu.grlug.org/pipermail/grlug/attachments/20080611/5cc4ea7a/attachment.htm 


More information about the grlug mailing list