On 1/12/2011 12:35 a.m., Nguyen Hai Nam wrote:
Hi,
I've just installed Squid 3.2 on OpenIndiana 151a server. I have to
build squid 3.2 because I can't build squid 3.1.
I decide to install transparent/interception proxy:
# ./configure --prefix=/usr/squid --enable-ipf-transparent
# make
# make install
Modify in squid.conf with these settings
http_port 3129 intercept
and start squid:
# /usr/squid/sbin/squid
Squid listen to tcp port 3129 as well (checked via netstat command)
Next phase, I start ipfilter service and add redirect direction to
squid port
rdr iprb0 0.0.0.0/0 port 80 -> 10.2.176.31 port 3129 tcp
Then test it, but can't open any web page. Check IPfilter with ipnat
-l command, and everthing was redirected as well; then check squid.
By add proxy setting on browser's Network connections to squid IP and
port, but can't open anything too.
I've spent hours to google but still have no clue about this kind. If
anyone has idea please let me know; I highly appreciate.
Thanks,
Neddie
NP: the whole NAT system underwent an upgrade in 3.1. Portions of it
have not had much testing yet because nobody with non-Linux seems
interested or able to assist with the deep investigations needed.
For starters, I need to know how the IPs can be retrieved by Squid from
the NAT data. The current IPF implementation uses ioctl() APIs in the
kernel.
Amos
