Using HAproxy as an Egress Controller + Proxy Pool?

Hey there, Folks!

I am trying to set up HAproxy as a sort of Privacy Egress Controller, where it would have a large number of public IP addresses on one interface, and it would make connections out through them randomly, from connections received inside its network, on a second interface.

I.e., outgoing connections would be forwarded by HAproxy [randomly] to IP addresses in its outbound pool as the originating Public IP, and NAT would be performed across the two interfaces to pass packets back and forth on each connection.

As I’ve seen Squid Proxy used in the past for this, as HAproxy is generally considered the [far-better] successor to Squid, I thought this sort of use case would have already been approached.

Yet I can’t seem to find anyone on Google or even talking here in the Community about having set it up that way. :thinking:

If anyone knows how to do this, it would be great to receive some guidance on it. Or, if there’s a page up somewhere that goes over how to do this using HAproxy, it would be great to get a link to it.

Squid has both forwarding and reverse proxying capabilities, but is primarily a forwarding proxy.
Haproxy is almost exclusively a reverse proxy.

When people say haproxy is considered a “better” proxy than squid they are referring to reverse proxying only.

The forward proxying capabilities in haproxy are basically non existent.

What you are trying to achieve needs a proper forwarding proxy, which haproxy is absolutely not.

Haproxy is very much the wrong tool for this job.

Ooof. :pensive: Well, that’s that, I suppose. Back to Squid it is!