Are you using squid as a router or as a bridge? I could not get squid to work as a transparent bridge for any kernel >2.6.29. I could not get it to work as a router for any kernel >=2.6.32. Haven't tried 2.6.31.5 specifically, but as a router 2.6.31.12 works, but not as a bridge. > -----Original Message----- > From: mhariri [mailto:meysam.hariri@xxxxxxxxx] > Sent: Thursday, February 04, 2010 6:54 AM > To: squid-users@xxxxxxxxxxxxxxx > Subject: Re: Squid3.1 TProxy weirdness > > > Hi, > > I have the same problem with squid 3.1.0.15 / tproxy 4.1 / iptables > v1.4.5 / > kernel 2.6.31.5 > the access.log shows no squid activity and with routing rules mentioned > in > TPROXY4 wiki: > > ip rule add fwmark 0x1 lookup 100 > ip route add local 0.0.0.0/0 dev lo table 100 > > i always get connection reset in the browser. without these routing > rules it > seems to be working but there is no cache activity and it seems that > the > clients are simply forwarded without going through the cache. > > the iptables rules are only those mentioned in the wiki and the > ip_forward > is set to 1. i've also enabled nonelocal ip binding in the kernel. > > i checked to ensure that the squid port for tproxy is actually used and > the > answer is positive because changing the port or stopping squid causes > error > in the browser! > > the result of dmesg shows NF_TPROXY is correctly initialized: > > NF_TPROXY: Transparent proxy support initialized, version 4.1.0 > NF_TPROXY: Copyright (c) 2006-2007 BalaBit IT Ltd. > > the instructions i used are exactly from the TPROXY4 wiki @ balabit.hu > and > i've checked that many times to ensure that the procedure i've taken is > correct. > > -- > View this message in context: http://n4.nabble.com/Squid3-1-TProxy- > weirdness-tp1042775p1468696.html > Sent from the Squid - Users mailing list archive at Nabble.com. > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.432 / Virus Database: 271.1.1/2666 - Release Date: > 02/03/10 19:35:00
