I have a Linux Debian machine with many network interfaces (venet0:1 to venet0:5) running Squid. If I connect to interface venet0:2 squid uses venet0:0 for outgoing traffic but I want Squid to use the same network interface for connections. So if I connect to the ip address for venet0:1 the proxy should also use the same interface for outgoing traffic.
Currently I use the following configuration:
http_port 200
forwarded_for off
uri_whitespace encode
visible_hostname localhost
via off
collapsed_forwarding on
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/users
auth_param basic children 5
auth_param basic realm Proxy
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl ncsa_users proxy_auth REQUIRED
access_log none
cache_store_log none
cache_log /dev/null
acl all src all
http_access allow ncsa_users
header_access From deny all
header_access Referer deny all
header_access Server deny all
header_access User-Agent allow all
header_access WWW-Authenticate deny all
header_access Link deny all
header_access Accept-Charset deny all
header_access Accept-Encoding deny all
header_access Accept-Language deny all
header_access Content-Language deny all
header_access Mime-Version deny all
I've tried out the tutorial from http://www.tastyplacement.com/squid-proxy-multiple-outgoing-ip-addresses but I don't think I can use it because I authenticate users with ncsa and not with source ip addresses.
Is there any possibility so squid use the correct network interface? It would be nice if I can avoid acl rules because that would require config changes with every change of one ip address.
No comments:
Post a Comment