> Once upon a time Jacob Suter shaped the electrons to say...
> >modem user makes request to somewhere.on.the.net:80, then because of the
> >redirection rules, it redirect that packet to one cirtain box, say
> >proxy.intrastar.net:3128, or something like that.
>
> We don't do this. Forcing redirection doesn't work for most things.
> The browser would only accept packets back from the host it called in the
> first place. It would be better to put a proxy server in the upstream
> path at a chokepoint.
It takes a little trickery, but can be done. Take a look at:
http://squid.nlanr.net/Squid/FAQ/FAQ-5.html#ss5.8
for instructions. It does depend on two things: a proxy server which can
take non-proxy requests and a kernel which can do IP masquerading. Squid
can do the former, and Linux (thanks to X/OS's skill and our money :-) can
do the latter.
Kevin
------------------------------------------------------------------------------
Kevin Fink <kevin@fink.com> N2H2, Creators of Bess
http://www.fink.com/ 1301 Fifth Avenue, Suite 1501
http://www.n2h2.com/ Seattle, WA 98101
------------------------------------------------------------------------------
(206) 971-1400 VOICE (206) 971-1460 FAX (206) 680-7666 PAGER
------------------------------------------------------------------------------