On 26.07.2012 13:54, Abhishek Chanda wrote:
Hi all,
I observed two more things:
1. I ran wireshark on the Squid box and observed that the client is
looking for a service called ndl-aas on port 3128. But no such
service
is running on the system.
Normal if your /etc/services is listing the IANA registrations instead
of the SANS registrations.
You can change the port 3128 entry in that file to "http-proxy" to make
it show Squid clearer.
2. netstat shows that Squid listens on IPV6 addresses (shows tcp6 for
port 3128).
Are these normal and expected?
Normal for IPv6-enabled Squid.
Thanks
On Wed, Jul 25, 2012 at 5:26 PM, Abhishek Chanda wrote:
Hi all,
I am trying to setup a topology like the one shown below where Squid
will be a transparent proxy. I have a restriction so that I cannot
use
iptables to redirect traffic to Squid. So, there is a daemon in Box
that captures http traffic from Client and re-writes its Destination
IP to point to Squid and destination port to 3128. All boxes can
access each other. The problem is, I ran tcpdump on all boxes and I
do
see traffic arriving at Squid, but Squid does not register a MISS or
HIT. The actual data still comes from Apache. Do I need to re-write
any HTTP header or some other configuration for this?
Client ------- Box ------- Squid --------- Apache
Thanks
Squid version?
Squid requires some way to determine that the mapping has taken place,
and to identify what the original details were.
The standard NAT functionality on your box usually provides this for
DNAT via socket options.
Question is why you can't use the built-in software?
Amos
