I have the following in startup.... ip rule add fwmark 1 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100 The ouput of ip route show table 100: local default dev lo scope host One other thing is strange, my PREROUTING rules in mangle don't load in my script. I have to manually add them. Timing issue perhaps? Startup script loded from rc.local: echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t mangle -N DIVERT iptables -t mangle -A DIVERT -j MARK --set-mark 1 iptables -t mangle -A DIVERT -j ACCEPT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129 ebtables -t broute -A BROUTING -i eth1 -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP ebtables -t broute -A BROUTING -i eth0 -p ipv4 --ip-proto tcp --ip-sport 80 -j redirect --redirect-target DROP cd /proc/sys/net/bridge/ for i in * do echo 0 > $i done unset i ip rule add fwmark 1 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100 2010/3/31 Henrik Nordström <henrik@xxxxxxxxxxxxxxxxxxx>: > ons 2010-03-31 klockan 09:47 -0700 skrev Kurt Sandstrom: >> I have been unable to get TPROXY working correctly with squid. I have >> used the steps in http://wiki.squid-cache.org/Features/Tproxy4 and re >> checked everything. >> > > I did not see your routing setup in the data you dumped. Without the > routing configured then TPROXY won't intercept, just route like normal.. > > http://wiki.squid-cache.org/Features/Tproxy4#Routing_configuration > > Regards > Henrik > >
