Alexandre Correa wrote:
maresia# ls -l /dev/pf
crw------- 1 root wheel 0, 74 Jan 10 11:18 /dev/pf
Looks like all you need to do is start squid properly as root user and
let it do the permissions dropping properly itself.
i will recompile squid without pf support.. i don´t need this on
proxies... because gateways redirect to proxies.. :)
If you are performing any kind of transparent interception with squid
you will need one of the --*-transparent options. Without it squid will
fail to correctly spoof the clients IP.
Amos
thanks !!!
regards !
On Jan 18, 2008 10:45 PM, Adrian Chadd <adrian@xxxxxxxxxxxxxxx> wrote:
On Fri, Jan 18, 2008, Alexandre Correa wrote:
yes,,, gateway redirect packets going t tcp/80 for squid servers !!
Then ls -l /dev/pf, look at the ownership/permissions, make sure you at least
start squid as root?
Adrian
On Jan 18, 2008 3:14 PM, Adrian Chadd <adrian@xxxxxxxxxxxxxxx> wrote:
Are you running Squid-2.6 as a transparent proxy?
On Fri, Jan 18, 2008, Alexandre Correa wrote:
Hello !!
one of my proxies, running squid 2.6S17 on freebsd 6.2 is trying
access PF device.. in cache.log shows this error message:
2008/01/18 14:51:13| clientNatLookup: PF open failed: (13) Permission denied
on every request !!
how i can disable this ?!?! removing this configure option
--enable-pf-transparent can solve ?
regards
--
Sds.
Alexandre J. Correa
Onda Internet / OPinguim.net
http://www.ondainternet.com.br
http://www.opinguim.net
--
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -
--
Sds.
Alexandre J. Correa
Onda Internet / OPinguim.net
http://www.ondainternet.com.br
http://www.opinguim.net
--
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -
--
Please use Squid 2.6STABLE17+ or 3.0STABLE1+
There are serious security advisories out on all earlier releases.
