On Sat, 26 Mar 2005 16:29:43 +0100, martin wrote in message <[EMAIL PROTECTED]>:
> also sprach Arnt Karlsen <[EMAIL PROTECTED]> [2005.03.24.2014 +0100]: > > ..having re-read this thread all the way from your Message-ID: > > <[EMAIL PROTECTED]>, I _lost_ you. > > > > ..is this some kinda paid "research" you're doing for Microsoft??? > > Yeah, sure. I am a secret M$ agent trying to improve MS Proxy Server > 1.0 for the scheduled release in 2006^W9. .. ;o) > I am not sure what problems you are having understanding the > challenge at hand. ..a weird set of details from which I couldn't make out any kinda sense of your overall purpose, as in "ok, you told me _how_ you wanna do it, but _what_ are you trying to do, and _why_?". > also sprach David Mandelberg <[EMAIL PROTECTED]> > [2005.03.25.1730 +0100]: > > > This works. Problem is that the packets arriving at 3128 have the > > > dynamic external IP as source, when they should have 127.0.0.1. > > Is there a problem with that? > > Yes. As stated multiple times: it breaks squid access control. ..like here. > > When a program under linux tries to contact an address that's used > > by one of the machine's interfaces, the traffic is sent localy and > > never goes to that interface. > > ... fwiw, any TCP/IP stack does this. > > > Using SNAT would probably break the http client because it would > > send using the world ip and therefore wouldn't be listening on > > 127.0.0.1 for the reply from squid. > > What? > > Maybe we should just forget the details and someone can give me > a clear answer to: is it possible to rewrite both, source and > destination socket in locally generated, outgoing packets, *before* > a routing decision is made? ..now we're talking. ;o) Communication stategy: Try explain _what_ you're trying to do, and _why_, like you would to some new date's sceptical grandma. ..in german too, these 2 languages are different enough structurally that I'm guessing you may have a clear idea of what you wanna do, but stumble into some subtle trap neither of us sees before you try the grandma stunt. ..and preliminarily, yeah, you can do a lot of wild ass stunts with squid and netfilter code, but I still don't know whether that actually answers your questions. ..on challenges, remember the facts in the Coffee-Howto are products of some geeks who mistook the previous set of facts for a challenge, there _are_ easier ways to get coffee. ;o) -- ..med vennlig hilsen = with Kind Regards from Arnt... ;o) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
