Hi all, I'm busy working on a tproxy setup with the latest squid on Ubuntu 12.04; tproxy is enabled, squid is compiled with tproxy support etc. The difference with this setup is that traffic is being sent to the host using route-map on a cisco as opposed to WCCP but it seems that should work. Unfortunately it seems there is very little documentation about the latest tproxy+squid3.1 setup method - but this is what I have -- # IP ip -f inet rule add fwmark 1 lookup 100 ip -f inet route add local default dev eth0 table 100 # Sysctl echo 1 > /proc/sys/net/ipv4/ip_forward echo 2 > /proc/sys/net/ipv4/conf/default/rp_filter echo 2 > /proc/sys/net/ipv4/conf/all/rp_filter echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter # IP Tables iptables -t mangle -N DIVERT iptables -t mangle -A DIVERT -j MARK --set-mark 1 iptables -t mangle -A DIVERT -j ACCEPT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129 In squid.conf the relevant line for http_port 3129 tproxy is set etc. With this setup I get hits on the iptables rules, and see a request in the access log but it fails to fill it, it also looks very strange -- 1336146295.076 56266 69.77.128.218 TCP_MISS/000 0 GET http://www.google.com/url? - DIRECT/www.google.com - 1336146337.969 42875 69.77.128.218 TCP_MISS/000 0 GET http://www.google.com/url? - DIRECT/www.google.com - As you can see it's a TCP_MISS/000 and the DIRECT/www.google.com in my experience should have an IP not a hostname? Additionally the sizes seem very weird. The client just hangs. Should this setup be working or is there some obvious error? Thank you in advance Dave
