On Tue, 24 Nov 2009 10:34:38 +1100, "Michael Bowe" <mbowe@xxxxxxxxxxxxxxx> wrote: > Hi > > We run a number of squid 3.1.0.14 TPROXY caches in an ISP environment. > > In our access log we are seeing a fair few client IP addresses of 127.0.0.1 > and also RFC1918 address ranges. > > The caches do not have any local users. We do not have any RFC1918 clients > accessing caches, all customers have real IP addresses. > > Is something broken here? Hi Michael, Yes something is broken in the request routing loops. 127.0.0.1 should not occur at all in a TPROXY chain without localhost users. Please supply: your iptables -t mangle rules used to capture TPROXY any iptables -t nat rules the content of squid.conf (without comment #, or empty lines) the IPs of the squid box(es) and backend servers, If possible with a description of whats _supposed_ to happen to a typical clients request. You don't have to post them publicly, but I will need to see them exactly as-is to check the routing topology. Amos
