Search squid archive

Re: Re: Squid3.1 TProxy weirdness

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



mhariri wrote:
Hi,

I have the same problem with squid 3.1.0.15 / tproxy 4.1 / iptables v1.4.5 /
kernel 2.6.31.5
the access.log shows no squid activity and with routing rules mentioned in
TPROXY4 wiki:

ip rule add fwmark 0x1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100

i always get connection reset in the browser. without these routing rules it
seems to be working but there is no cache activity and it seems that the
clients are simply forwarded without going through the cache.

the iptables rules are only those mentioned in the wiki and the ip_forward
is set to 1. i've also enabled nonelocal ip binding in the kernel.

i checked to ensure that the squid port for tproxy is actually used and the
answer is positive because changing the port or stopping squid causes error
in the browser!

the result of dmesg shows NF_TPROXY is correctly initialized:

NF_TPROXY: Transparent proxy support initialized, version 4.1.0
NF_TPROXY: Copyright (c) 2006-2007 BalaBit IT Ltd.

the instructions i used are exactly from the TPROXY4 wiki @ balabit.hu and
i've checked that many times to ensure that the procedure i've taken is
correct.


Does Squid with the -X option during startup log a message (to screen or cache.log) about IPv6 and disabling TPROXY?

Someone just came in with at trace from 3.1.0.16 showing that something weird is going on since 3.1.0.14 added TPROXY IPv6 support.

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE7 or 3.0.STABLE23
  Current Beta Squid 3.1.0.16

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux