On 10/17/08 01:30, Pranav Desai wrote:
We are seeing cases where the return traffic is going out using the
proxyIP and port 8001, instead of using the origin servers IP and
port 80. I have added the traces for both cases below. Most of the
traffic goes out correctly using the origin server IP and port, but
the traffic using port 8001 is not insignificant, hence we are a bit
concerned about it.
*nod*
There are no connections coming in to port 8001.
Ok...
I have to ask, is there a reason you are not configuring clients to talk
directly to the proxy? In my experience this works a lot better than
transparent proxying. I tend to use direct proxying as the primary
method and then transparent proxying as a backup and to catch devices
that don't know how to talk to a proxy.
I am not sure what could be causing this behavior or how I should go
about debugging this. Could the conntrack table or its usage be
screwed up?
Are there any DMESG or syslog entries about the connection table being full?
Grant. . . .
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
