Yes, it working, but is balancing the providers on the Firewall Output... I need to apply routing rules depending on the source packets (like LAN address or IP)...
For this reason we are trying to use TPROXY, because according to the documentation of the SQUID and the Shorewall TROXY keeps the original packet headers (spoofing), which in theory would allow me to use the shorewall routing rules on tcrules according to source ... It's possible to create this police using shorewall and redirect without tcp_out_going into squid.conf, using only the shorewall routing configuration (tcrules)? Thank you... Em 08-05-2012 12:04, Tom Eastep escreveu: > On 05/08/2012 07:52 AM, Vinicius R. Baenas wrote: >> >> Hello, >> >> I wonder if someone could use the TPROXY with Shorewall and transparent >> Squid with using the routing rules on shorewall (tcrules) for hosts / >> networks (LAN) with multiples providers (WANs) directly from the >> internal network on port 80 (with TPROXY transparent squid or REDIRECT). >> >> On this issue, the routing rules is not work propertly because the >> source is the firewall ($FW) not the hosts or networks (LAN). >> >> My guess is the TPRoxy interception (spoofing) is not working.. > > I use REDIRECT with multiple ISPs and it works fine. > > -Tom ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
