Re: IP masquerading: squid or iptables?
- From: Richard Tijink <richard@xxxxxxxxx>
- Date: Sat, 21 Jan 2006 21:06:15 +0100
your iptables is responsible for masquerading when ip-packets are forwarded from your LAN to Internet.
If u use squid as a proxy, your client connects to the proxy-server, which in turn establishes a new connection to the internet (the packets are then leaving the server with your internet ip-address). This is independent of iptables.
When squid is stopped, your clients cannot connect to your server on the proxy-port and therefore have no access to internet. Again this is independent of iptables.
Hope this helps.
I installed squid and iptables on my redhat 9 box. This box is connected to internet and to the Lan.
The client browsers in the Lan point to the squid server.
The IP masquerading is also installed.
I know squid is a proxy with cache and acl list, while iptables is a firewall mainly blocking access from internet.
Now i'm confused with which software does actually perform the IP masquerading, because:
when i stop squid but not iptables, no client in the Lan can access internet, but
when i stop iptables but not squid, any client has access to internet.
So i conclude that squid is responsible for the IP masquerading, but in all documentation, i read is iptables doing that.
Any explanation would be welcome ...
- Prev by Date: scsi question
- Next by Date: Creative Labs SoundBlaster Live! 24
- Previous by thread: scsi question
- Next by thread: Creative Labs SoundBlaster Live! 24