On Mon, 2003-06-09 at 12:31, Christoph Haas wrote: > Hi, Chris... > > > I have a RedHat firewall with two external ADSL interfaces (and one > > internal LAN interface). > > > > The plan is to use one ADSL for web (squid) and the other for everything > > else, the latter probably being the default gateway. > > > > Is there a way to tell squid to use a certain external interface, or > > should I look at doing something with iptables? > > You want the "http_port" directive. The squid.conf reads: > > # If you run Squid on a dual-homed machine with an internal > # and an external interface then we recommend you to specify the > # internal address:port in http_port. This way Squid will only be > # visible on the internal address. > > However you should definitely use iptables anyway. > > Christoph
Thanks Christoph. I'm aware of that directive, and will take great care to ensure the firewall is bolted down. My primary concern however is to tell squid to use a *secondary* interface that isn't the default gateway. I'm effectively trying to bend internal routing. The more I think about this, I think I'll have to use something like "ip route". I'd still appreciate any ideas. Chris
