On Tue, 23 Feb 2010 14:26:38 -0600, Rhino <rhino@xxxxxxxxxxxx> wrote: > my system: > Squid 3.1.0.15 (run/installed as "squid3") > WCCP v2 HASH (Cisco switch) > centOS 5.4 kernel 2.6.30.10 w/TPROXY enabled > iptables v1.4.4 > > WCCP established between squid and switch. > TPROXY iptables rules set to forward tcp port 80 to 3128 > > From a client on a separate test subnet can browse internet via squid > server (TCPDUMP of squid interface shows the client http traffic being > served via internet); however there are zero entries in access.log > When WCCP is turned off on the switch, the client requests no longer are > visible via TCPDUMP. > Squid starts, runs as you would expect it to, no visible errors. > If WCCP is working, the IPTABLES TPROXY rules appear to be working - as > the client IP is revealed at numerous IP verification websites - then I > am led to believe I've botched my squid config somehow; though when > previously tested in intercept only (no TPROXY rules, just NAT and port > 80 redirect) access.log populated with the client requests. > > No doubt something pretty basic that I must have overlooked, but for the > life of me not seeing what it may be. > Any thoughts? > Including the cache.log debug below > thanks > -Ryan > > [root@proxy squid3]# squid -X start <snip> > 2010/02/23 13:55:35.035| Processing: 'http_port 10.10.1.10:3128 tproxy ' > 2010/02/23 13:55:35.035| http(s)_port: Listen on Host/IP: 10.10.1.10 --> > 10.10.1.10:3128 > 2010/02/23 13:55:35.035| Starting IP Spoofing on port 10.10.1.10:3128 > 2010/02/23 13:55:35.035| Disabling Authentication on port > 10.10.1.10:3128 (IP spoofing enabled) > 2010/02/23 13:55:35.035| Detect TPROXY support on port 10.10.1.10:3128 > 2010/02/23 13:55:35.035| ...Probing for IPv4 TPROXY support. > 2010/02/23 13:55:35.035| IPv4 TPROXY support detected. Using. <snip> Well that seems to be working. Now you need to track down whats happening to a request which should be using it. Amos
