Arun Srinivasan wrote:
Hi List,
Has anyone successfully used cache_peer support with tproxy4 enabled?
Not that I'm aware of at this point.
The scenario is running Squid proxy with tproxy4 enabled and another
http proxy (no tproxy4) on the same box.
First Squid would receive the request from the user, then connects to
its cache_peer which is the other http proxy.
With tproxy enabled, am not able to establish connection between Squid
and the other proxy. However, in interception mode, am able to do
this.
Please advise if I am missing out anything.
Following are the packages and its versions used:
Kernel version: 2.6.26
Tproxy version: tproxy4-2.6.26-200809262032
iptables version: tproxy-iptables-1.4.0-20080521-113954-1211362794
Squid version: squid-3.HEAD-20081021
The new TPROXY/Squid interaction is that it natively spoofs the client
IP on all outbound links made newly for that request.
Two things to check are:
- does the client IP have access to use the hidden peer proxy?
- do the connections between peers go over lo interface? I'm not sure
what the special kernel behavior with public IPs on localhost interface
would be.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10
Current Beta Squid 3.1.0.1
