Your iptables patch not complete
fc5 use iptables rpm source, you need iptables from tar.gz/bz source
- uninstall the iptables rpm,
- download tar.gz/bz source from netfilter.org
- patch it with iptables-1.3-cttproxy.diff before ./configure
rgds,
Tino
----- Original Message -----
From: "Sunil K.P." <sunil@xxxxxxxxxxx>
To: <squid-users@xxxxxxxxxxxxxxx>
Sent: Friday, August 11, 2006 4:33 PM
Subject: Squid -2.6 with Tproxy
Hi,
I have squid 2.6 STABLE 2 running on FC 2.6.15.2.
It is working fine in transparent mode.
But I am trying to use Tproxy so that all the requests will spoofed to
show the clients IP address and not the cache server.
The patches have been applied to the kernel, compiled and applied as per
procedure.
After restarting the system the modules ipt_tproxy and ipt_TPROXY are
loaded.
The problem starts when I apply the following iptables rule
iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j
TPROXY --on-port 3128
The traffic stops going thru the cache server. If the rule is removed
the traffic goes smoothly.
Cache.log shows the following error
tproxy ip=192.168.10.11,0x9eec383e,port=0 ERROR ASSIGN
There seems to be no proper documentation for implementation of tproxy
with squid on the net.
Pls. advice.
Regards
Sunil