Got it working after closer inspection of tcpdump output, which revealed a routing problem. Now I need to move on to SSL traffic. We are using Squid 2.6-20 in production, so clearly we need to upgrade to use SSLbump. Which version of squid is considered most stable for use with SSLbump, in conjunction with many ACLs and delay pools. Thanks > ----- "Amos Jeffries" <squid3@xxxxxxxxxxxxx> wrote: > Sorry, that last reply was meant for the list. I checked into the > rp_filter setting: > > net.ipv4.conf.lo.rp_filter = 0 > net.ipv4.conf.lo.arp_filter = 0 > net.ipv4.conf.all.rp_filter = 0 > net.ipv4.conf.all.arp_filter = 0 > net.ipv4.conf.default.rp_filter = 0 > net.ipv4.conf.default.arp_filter = 0 > net.ipv4.conf.eth0.rp_filter = 0 > net.ipv4.conf.eth0.arp_filter = 0 > net.ipv4.conf.eth1.rp_filter = 0 > net.ipv4.conf.eth1.arp_filter = 0 > net.ipv4.conf.gre0.rp_filter = 0 > net.ipv4.conf.gre0.arp_filter = 0 > > Also, the tcpdump from the client shows nothing coming back to it, > just the outgoing SYN. > > > Regards, > > > Shawn Wright > I.T. Manager, Shawnigan Lake School > http://www.shawnigan.ca
