Re: Squid 3.2.0.14 didn't work in interception mode

[Nguyen Hai Nam <nam.nh@xxxxxxxx>]

On 12/20/2011 7:06 PM, Amos Jeffries wrote:
> On 21/12/2011 12:33 a.m., Nguyen Hai Nam wrote:
> > Hi there,
> >
> > I'm building new squid box which is 3.2.0.14 on OpenIndiana 151a, the 
> > configuration is as usual but when squid started up, intercept mode 
> > didn't work.
> >
> > IP NAT table already works:
> >
> > # ipnat -l
> > List of active MAP/Redirect filters:
> > rdr rtls0 0.0.0.0/0 port 80 -> 10.2.176.31 port 3129 tcp
> >
> > List of active sessions:
> > RDR 10.2.176.31     3129 <- -> 66.220.149.48   80    [10.10.225.253 
> > 57093]
> > RDR 10.2.176.31     3129 <- -> 66.220.149.48   80    [10.10.225.253 
> > 57092]
>
> What NAT system is this?
>  a PF or IPFilter?
>  if PF, which OpenBSD version is it based on?
>
> How exactly is it not working?
>  ioclt() lookup failures?
>  or 409 (Conflict) HTTP responses?
>  or something else?
>
> Amos
>
> > Squid starts up normally:
> >
> > # tail -n 25 /usr/squid/var/logs/cache.log
> > 2011/12/20 02:24:07 kid1| Using Least Load store dir selection
> > 2011/12/20 02:24:07 kid1| Set Current Directory to 
> > /usr/squid/var/cache/squid
> > 2011/12/20 02:24:07 kid1| Loaded Icons.
> > 2011/12/20 02:24:07 kid1| HTCP Disabled.
> > 2011/12/20 02:24:07 kid1| Squid plugin modules loaded: 0
> > 2011/12/20 02:24:07 kid1| Ready to serve requests.
> > 2011/12/20 02:24:07 kid1| Accepting HTTP Socket connections at 
> > local=[::]:3128 remote=[::] FD 19 flags=9
> > 2011/12/20 02:24:07 kid1| Accepting NAT intercepted HTTP Socket 
> > connections at local=0.0.0.0:3129 remote=[::] FD 20 flags=41
> > 2011/12/20 02:24:07 kid1| Done reading /usr/squid/var/cache/squid 
> > swaplog (0 entries)
> > 2011/12/20 02:24:07 kid1| Finished rebuilding storage from disk.
> > 2011/12/20 02:24:07 kid1|         0 Entries scanned
> > 2011/12/20 02:24:07 kid1|         0 Invalid entries.
> > 2011/12/20 02:24:07 kid1|         0 With invalid flags.
> > 2011/12/20 02:24:07 kid1|         0 Objects loaded.
> > 2011/12/20 02:24:07 kid1|         0 Objects expired.
> > 2011/12/20 02:24:07 kid1|         0 Objects cancelled.
> > 2011/12/20 02:24:07 kid1|         0 Duplicate URLs purged.
> > 2011/12/20 02:24:07 kid1|         0 Swapfile clashes avoided.
> > 2011/12/20 02:24:07 kid1|   Took 0.05 seconds (  0.00 objects/sec).
> > 2011/12/20 02:24:07 kid1| Beginning Validation Procedure
> > 2011/12/20 02:24:07 kid1|   Completed Validation Procedure
> > 2011/12/20 02:24:07 kid1|   Validated 0 Entries
> > 2011/12/20 02:24:07 kid1|   store_swap_size = 0.00 KB
> > 2011/12/20 02:24:08 kid1| storeLateRelease: released 0 objects
> > 2011/12/20 02:24:27| Squid is already running!  Process ID 2413
> >
> > Squid still works fine with configured proxy setting in browser.
> >
> > Hope to receive your kind assistance.
> >
> > Best regards,
> > ~Neddie
Hi,

It's IPfilter:

Squid Cache: Version 3.2.0.14
configure options:  '--prefix=/usr/squid' '--enable-ipf-transparent' 
--enable-ltdl-convenience

I forgot to attach the debug errors; by the way, it failed at ioclt() 
lookup:

2011/12/20 04:06:03 kid1| BUG: Orphan Comm::Connection: 
local=10.2.176.31:3129 remote=10.2.178.178:13216 FD 14 flags=33
2011/12/20 04:06:03 kid1| NOTE: 7 Orphans since last started.
2011/12/20 04:06:03 kid1| Intercept.cc(253) IpfInterception: NAT lookup 
failed: ioctl(SIOCGNATL)

Thanks,