Search squid archive

Re: 2 Problems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dean, Barry wrote:
OK. I have bodged up the IPInterception.cc file and add the line from /usr/include/sys/types.h to get it to compile.

Mu change to add the error string has resulted in the error coming out as:

clientNatLookup: NAT lookup failed: ioctl(SIOCGNATL): (22) Invalid argument

I think we have a smoking gun here! It is starting to look like Squid is constructing the structure wrong that it is passing to the ipnat driver via the ioctl.

How do debug this is the question...

Thanks for the help so far.. I'll post my findings if I get a solution.


You may be right, there have been upgrades to interception recently that are not tested in some NAT lookup methods.

To debug you can either trace it live in a debugger, or thread debugs() calls through the IPF section that display the parameter values.

However, I'd like to be certain that anything to be merged is tested and working on an unpatched kernel with working compilers.

Amos

---------------
Barry Dean
Networks Team



-----Original Message-----
From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] Sent: 15 August 2008 14:49
To: Dean, Barry
Cc: squid-users@xxxxxxxxxxxxxxx
Subject: Re:  2 Problems

Dean, Barry wrote:
Hi,

My setup: Sun X4200 Server 8GB RAM, Sun IPF 4.1.9 (592), Solaris 10 x86 Generic_137112-02

Problem 1:

I compiled SQUID 3.0_STABLE5 no problem on Solaris 10 Generic_120012-14. Which is the one we are using.

But since patching to Generic_137112-02 neither 3.0_STABLE5 or 3.0_STABLE8 will compile.

The problem is that g++ uses /usr/sfw/lib/gcc/i386-pc-solaris2.10/3.4.3/include/sys/types.h and /usr/include/sys/proc.h.

That proc.h contains:

...
volatile lgrp_id_t  p_t1_lgrpid; /* main's thread lgroup id */
volatile lgrp_id_t  p_tr_lgrpid; /* text replica's lgroup id */
...

But type "lgrp_id_t" is only defined in /usr/include/sys/types.h not the gcc one!

Pre-patch, these variables and type did not exist.

Short of getting Sun to patch the gcc types.h, or me doing it, any suggestions as to how to get it to compile...

Problem 2:

We are using IPF to direct web traffic to squid, running in transparent mode. We keep getting lots of:

clientNatLookup: NAT lookup failed: ioctl(SIOCGNATL)

I have searched and searched on this one and the nearest to an answer I have come to is that it has to do with permissions on the /dev/ipnat device, in my case:

host[53]# ls -l /dev/ipnat
lrwxrwxrwx   1 root     wheel         29 Apr  3 15:32 /dev/ipnat -> ../devices/pseudo/ipf@0:ipnat

host[54]# ls -l /devices/pseudo/ipf@0:ipnat
crw-rw-rw-   1 root     bin      165,  1 Jul 15 15:16 /devices/pseudo/ipf@0:ipnat

host[55]# getdevpolicy /dev/ipnat
/dev/ipnat
        read_priv_set=sys_ip_config
        write_priv_set=sys_ip_config

Figuring it was the device policy, I granted the running squid process "sys_ip_config" privs using ppriv, but it still kept doing it... This is when I decided to alter IPInterception.cc so that the value of errno was included in the error message, and when I discovered it no longer compiled, refer to Problem 1 !!!

Can anyone help me on this one...

It sounds like the compiler and libraries need to be updated to match the new patched kernel.

Amos


--
Please use Squid 2.7.STABLE3 or 3.0.STABLE8

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux