Hi,
I' running tproxy2 + squid-2.7stable5 as bridge and work good. I'm using only one rule as below:
iptables -t tproxy -A PREROUTING -i br0 -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128
Rgds,
Zul
--- On Wed, 1/14/09, Benjamin Tan <tanbamboo@xxxxxxxxx> wrote:
> From: Benjamin Tan <tanbamboo@xxxxxxxxx>
> Subject: Have anyone success to setup a tproxy mode squid on a bridge?
> To: squid-users@xxxxxxxxxxxxxxx
> Date: Wednesday, January 14, 2009, 5:09 PM
> Dear Everyone,
>
> I have tried the tproxy, following the offical guild, but
> it seems that it not work on a bridge.
> My Network is like this: Client -> eth0 -> br0 ->
> eth1 -> WebServer
>
> The linux box using kernel 2.6.26, with
> tproxy4-2.6.26-200809262032.tar.bz2, and
> # dmesg|grep -i tproxy
> NF_TPROXY: Transparent proxy support initialized, version
> 4.1.0
> NF_TPROXY: Copyright (c) 2006-2007 BalaBit IT Ltd.
>
> Squid(3.1.0.3, configure with --enable-linux-netfilter) is
> running on:
> http_port 3128 tproxy
> and iptables(1.4.0 with
> tproxy-iptables-1.4.0-20080521-113954-1211362794.patch)
> rule:
> -A PREROUTING -p tcp -m socket -j DIVERT
> -A DIVERT -j MARK --set-mark 0x1
> -A DIVERT -j ACCEPT
> -A PREROUTING -p tcp -m tcp --dport 80 -j TPROXY
> --on-port 3128 --tproxy-mark 0x1/0x1
> and ip rule and route:
> ip rule add fwmark 1 lookup 100
> ip route add local 0.0.0.0/0 dev lo table 100
>
> I have tried to find the reason for many days, but no one
> is work.
>
> Any advice or information is appreciated. Thank you.
>
> --
> Benjamin
