[sdnog] configure outgoing configuration based on incoming ports

Patrick Okui pokui at psg.com
Wed Jun 29 14:49:13 SAST 2016

Hi Samir, all,

On 29 Jun 2016, at 10:59 EAT, Samir S. Omer wrote:

> Hi all
> I'm configuring a Linux CentOS machine with multiple virtual IPs to 
> run a squid service listening on different ports.
> how can I bind requests coming for each port to go through specific IP 
> ?
> for example requests coming to port 8081 to go out with the IP 
> and requests coming through port 8082 goes out with IP 
> incoming -> Squid -> Outgoing
> *:8081   -> Squid ->
> *:8082   -> Squid ->

You want the configuration directive tcp_outgoing_address (it won’t 
fix the port number but it’ll fix the outgoing ip address).

Documentation for this is at 

In short you also need an ACL to match the incoming packets. So 
something along the following lines

acl net1 localport 8081
acl net2 localport 8082

tcp_outgoing_address net1
tcp_outgoing_address net2

Please read the configuration for tcp_outgoing_address, it lists some 
configuration options it is incompatible with e.g TPROXY.

The ACL documentation is at <http://www.squid-cache.org/Doc/config/acl/>

If you have ipv6 on your network you also need a tcp_outgoing_address 
entry either for each entry based on your port numbers or a general one 
that matches all ipv6 addresses.

I’m curious though why you need to do this.


More information about the sdnog mailing list