NAT to a client

Taylor, Grant gtaylor at riverviewtech.net
Thu Apr 28 19:21:22 CEST 2005


> the source port of traffic destined to a squid proxy is not 80, it's
> 1024:65535...why do i *constantly* see this in rules sets?

Does Squid send out requests on behalf of it's clients from port 3128 to port 80 and thus have returning traffic from 80 to 3128?  I know this is not the situation where clients connect to Squid, but rather when Squid connects to the web servers.  Seeing as how this rule is running on eth1, the internal LAN interface, this is irrelevant.



Grant. . . .



More information about the netfilter mailing list