Hi, I have compiled the linux-2.6.19.1 kernel and iptables-1.3.7 after patching them with the tproxy support. ( http://www.balabit.com/downloads/tproxy/linux-2.6/cttproxy-2.6.19-2.0.6.tar.gz). And I have compiled squid-2.6STABLE5 after enabling tproxy support. But I am not able to successfully configure the tproxy feature in my cache. The squid.conf entries are as follows http_port 3128 transparent tproxy Kernel setting: net.ipv4.ip_forward = 1 net.ipv4.ip_nonlocal_bind= 1 iptables rules: iptables -t tproxy -A PREROUTING -p tcp -d ! 172.16.1.57(cache box P) --dport 80 -j TPROXY --on-port 3128 But this setup behaves just like the ordinary transparent proxy and the source IP address of the requests going from the proxy still have the IP of the cache box instead of the Client IP. And I get a cache.log entry saying tproxy ip=172.16.1.32,0x200110ac,port=0 ERROR ASSIGN But when I add the following entry to squid.conf, I get timeout error on the client after trying for long time. tcp_outgoing_address 172.16.1.57 #(ip of the cache box). Is this configuration (tcp_outgoing_address) a necessary one for the tproxy setting.. What does the error "tproxy ip=172.16.1.32,0x200110ac,port=0 ERROR ASSIGN" mean. I understand that this error occurs on the setsockopt() system call with EINVAL. What is the most probable cause of the error,. kernel related , application related or a misconfiguration on squid. Any clues on this will be a great help. Thanks -logu
