Re: [SQU] Transparent proxying with spoof'd outbound packets from cache

From: Tom Minchin <tom@dont-contact.us>
Date: Tue, 7 Nov 2000 11:07:24 +1100

On Mon, Nov 06, 2000 at 03:42:36PM -0800, Ben Efros wrote:
> It would be possible to improve on the transparent proxying idea by spoofing
> the source address on all outbound packets from the proxy. This way the
> _real_ www server will see the user's _real_ ip as it is presented to the
> cache.
>
> This would of course be optional and only available on certain platforms,
> but it would be an awsome feature for those that want to do "transparent"
> caching in an ISP environment... It would be a limiting factor only when
> the upstream provider is presented with a non-valid IP, so the option must
> be disabled in environments where there is only one real Internet IP
> address, because we don't want a spoofed "10.x.x.x" packet escaping the
> local network.
>
>
> Has anyone heard of anybody doing such a thing already?
>

I've seen some commercial devices which do this (eg CacheFlow). Handy if you don't want customers to realise that they are being proxied.

tom@asiaonline.net

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Mon Nov 06 2000 - 17:17:33 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:56:15 MST