Re: lvs + squid + squidguard

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: lvs + squid + squidguard
From:	Horms <horms@xxxxxxxxxxxx>
Date:	Fri, 14 Oct 2005 10:47:53 +0900

On Thu, Oct 13, 2005 at 04:00:30PM +0100, Tony Spencer wrote:

[snip, snip, snip,...]

> > > You are correct that I'm running LVS-NAT.
> > > I'm a little lost on your reply though.
> > > Are you speaking about the SquidGuard rules or the LVS rules??
> > 
> > SquidGuard. It's just a guess.
> 
> SquidGuard has no IP rules.
> It just blocks certain domains/urls listed in a db file.

All that LVS-NAT should be doing is changing the destination IP address
in the IP header of the packet from the VIP to the appropriate RIP. It
does not mangle the data section of the packet.

I guess Squidgaurd must be using the IP address that
a connection is made to as part of its test somewhere.

Perhaps its as simple as telling squidguard to act on 
connections to the RIP instead of (or as well as if you like)
the VIP. But I am really just guessing at this point.

-- 
Horms

<Prev in Thread]	Current Thread	[Next in Thread>
lvs + squid + squidguard, Tony Spencer Re: lvs + squid + squidguard, Joseph Mack NA3T RE: lvs + squid + squidguard, Tony Spencer RE: lvs + squid + squidguard, Joseph Mack NA3T RE: lvs + squid + squidguard, Tony Spencer RE: lvs + squid + squidguard, Joseph Mack NA3T RE: lvs + squid + squidguard, Tony Spencer Re: lvs + squid + squidguard, Horms <= RE: lvs + squid + squidguard - Fixed, Tony Spencer Re: lvs + squid + squidguard, Graeme Fowler RE: lvs + squid + squidguard, Tony Spencer

Previous by Date:	Re: Hardware requirements for an LVS director, Peter J Milanese
Next by Date:	problem with keepalived..., pierre
Previous by Thread:	RE: lvs + squid + squidguard, Tony Spencer
Next by Thread:	RE: lvs + squid + squidguard - Fixed, Tony Spencer
Indexes:	[Date] [Thread] [Top] [All Lists]