Chris Conn wrote:
>
> Hello,
>
> I have come across a small problem using transparent caching with ipchains
> and Linux 2.2. I wish to have some web traffic forwarded directly to the
> origin servers, and this traffic must have the IP address of the
> requestor, not the IP of the cache server. The problem being that at this
> time, all requests to these web servers are being logged as the IP of the
> cache, and access controls based on IP addresses are not working.
>
> Is it possible, using ipchains, to insert a rule before the 80->3128 port
> redirect, based on destination IPs, to forward a request without address
> modifications in order to preserve the IP address of the original
> requestor?
(A small thing) > (chances)
I don't like the odds of what you're trying to do. I believe it is
actually _possible_ but I don't believe it is possible without creating
specific and Evil(tm) tools..(Simplest would be a kernel module...the
only other alternative I can think of would be to use something like
Zebra, and write a special daemon to whisk interfaces around on the fly.
Unsatisfactory, IMO)
D
(who does not know everything under the sun)
Received on Mon Jun 14 1999 - 08:14:32 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:46:51 MST