I believe you need to use tcp_outgoing_address <http://www.squid-cache.org/Versions/v3/3.0/cfgman/tcp_outgoing_address.html>. Glad you asked this, actually never thought about this, but I think this is also just what I need to solve a problem I have with some websites and our T1 load balancer. By forcing traffic to them through a virtual IP that bypasses the load balancer.
This should get the behavior you are after.
acl machine1 src 192.168.10.50/32
acl machine2 src 192.168.10.60/32
acl outbound1 myip 192.168.10.2/32
acl outbound2 myip 192.168.10.3/32
tcp_outgoing_address 192.168.10.2 machine1
tcp_outgoing_address 192.168.10.2 outbound1
tcp_outgoing_address 192.168.20.3 machine2
tcp_outgoing_address 192.168.10.2 outbound2
tcp_outgoing_address 192.168.10.1
All requests from 192.168.10.50 & 60 will go out through 192.168.10.1 & 3 respectively. Requests made to 192.168.10.2 & 3 will leave via the address they came in through. Requests made to 192.168.10.1 will go out through 192.168.10.1, using the default rule at the end.
I haven't done enough recently with acls in squid to know for sure what rule will take precedence when multiple rules are matched. You may have to change the order of the rules around to make them behave exactly as you want them to.
Thanks,
Dean Weimer
Network Administrator
Orscheln Management Co.
-----Original Message-----
From: marpel78 [mailto:marpel_at_harpaitalia.it]
Sent: Tuesday, May 20, 2008 11:33 AM
To: squid-users_at_squid-cache.org
Subject: [squid-users] Squid virtual ips problem
Hi all.
I've a big problem with squid and linux box.
My server has three ips 192.168.10.1 on eth0 and 192.168.10.2 (virtual
eth0:1) 192..168.10.3 (eth0:2).
Squid is listening on 192.168.10.1, 2 and 3 port 8080.
My problem is that i should like to make a selection based on source ip.
If i get a request from 192.168.10.50 i should that squid use 192.168.10.2
to go to internet.
If i get a request from 192.168.10.60 i should like squit use 192.168.10.3
to go to internet.
But my squid only use its physical address 192.168.10.1 to go to internet
also if my clients use 192.168.10.2 or 192.168.10.3 as proxy.
I try to use iptables + squid + ip route but it does not work.
Any suggestion please??
Thanls
-- View this message in context: http://www.nabble.com/Squid-virtual-ips-problem-tp17344754p17344754.html Sent from the Squid - Users mailing list archive at Nabble.com.Received on Tue May 20 2008 - 18:02:50 MDT
This archive was generated by hypermail 2.2.0 : Tue Aug 05 2008 - 01:05:13 MDT