How to exempt a few IP's from Port redirection.
Anders Peter Fugmann
email hidden
Sat Oct 8 09:25:37 CEST 2005
Aditya Nag wrote:
> Hi,
> Here's my problem.
>
> I am running a server that provides Squid proxying services to my
> network. I use the transparent proxy feature of Squid along with
> REDIRECT_PROXY rule in Fiaif to redirect port 80 to my squid port.
>
> All this is working fine. My problem is, I need to exempt some IP's
> from this rule, i.e when that particular IP tries to access a website,
> for example, he should get SNATed instead of going through the proxy.
> Basically, I need a way to give some fixed IP's NAT access to the net.
> I have the SNAT rules all setup, and all other ports get SNATed for
> these servers. But how do I make the servers avoid the port
> redirection?
>
> Is there someway in which I can say the following
>
> REDIRECT_PROXY="tcp 80 ALL IP's EXCEPT x.y.z.q=>0.0.0.0/0 127.0.0.1 6588"
Negation is not possible in the current version of FIAIF. FIAIF2 will
allow when I get the time to work on it.
>
> ??
>
> Regards,
> Aditya Nag
Regards
Anders Fugmann
More information about the fiaif
mailing list