On Aug 15, 2008, at 9:34 AM, Amos Jeffries wrote:
Ted Kaczmarek wrote:
With squid-3.HEAD-20080814 I am seeing this message.
WARNING: comm_open: setsockopt(IP_TRANSPARENT) not supported on
this platform
It does not matter if I configure wit or without
--enable-tproxy
and or
--enable-linux-netfilter.
What is the correct option for Tproxy4 support?
--enable-netfilter
NOTE: your kernel needs to be correctly patched for TPROXY options
to work.
Going through all these related Tproxy posts ona various can
really send one for ride :-)
Regards,
Ted
A how-to has recently been added to the wiki. It's not quite 100%
complete but should give you a good basis to start from.
http://wiki.squid-cache.org/ConfigExamples/TPROXYPatchingCentOS
Amos
--
Please use Squid 2.7.STABLE3 or 3.0.STABLE8
Amos,
thanks, that and few hunder other posts are how I have gotten me this
far :-)
[root@labdev ~]# dmesg | grep -i tproxy
NF_TPROXY: Transparent proxy support initialized, version 4.1.0
NF_TPROXY: Copyright (c) 2006-2007 BalaBit IT Ltd.
ip_tables: TPROXY target: only valid in mangle table, not nat
[root@labdev ~]# squid -v
Squid Cache: Version 3.HEAD-20080814
configure options: '--prefix=/usr' '--includedir=/usr/include' '--
datadir=/usr/share' '--bindir=/usr/sbin' '--libexecdir=/usr/lib/squid'
'--localstatedir=/var/squid' '--sysconfdir=/etc/squid' '--enable-
epoll' '--enable-delay-pools' '-enable-cachemgr-hostname=localhost' '--
enable-linux-netfilter' '--enable-auto-locale' --enable-ltdl-convenience
[root@labdev ~]# lsmod | grep -i tprox
xt_TPROXY 6144 0
nf_defrag_ipv4 5888 2 nf_conntrack_ipv4,xt_TPROXY
nf_tproxy_core 6400 1 xt_TPROXY,[permanent]
x_tables 15364 4
xt_tcpudp,iptable_nat,xt_TPROXY,ip_tables
2.6.25.11 kernel and iptables 1.4.
Am I missing something?
Regards,
Ted
