Hi Amos, First, sorry for the double post -- my email seemed to be having issues yesterday. As to my issue: What steps can I do to try and validate that this is Squid or not? When I remove the following iptables entry and bypass Squid I can capture tcpdump traffic on the proxy machine and see no TCP reassemblies. Leaving the rules in place and passing traffic through Squid begins to show TCP reassemblies again and my application no longer works. -A PREROUTING -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128 --on-ip 0.0.0.0 --tproxy-mark 0x1/0x1 -A DIVERT -j MARK --set-xmark 0x1/0xffffffff I've been using my setup for a few years without issue and have never had an application fail to work prior to this. However when the application fails when routing traffic through Squid yet works when I bypass Squid, I'm not sure what else to blame or where else to look. Thanks, Matt Goff On Sat, Dec 14, 2013 at 5:16 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > On 14/12/2013 2:16 p.m., Matthew Goff wrote: >> Hi, >> >> I am running Squid 3.1.20 in transparent mode on a Debian machine >> configured as a bridge. I discovered that I'm having an issue with out >> of sequence packets as an application I use on one of my client >> machines is unable to gracefully handle the out of sequence packets. >> >> When I bypass Squid via iptables the out of sequence packet issue to >> the client is resolved and the application functions properly. >> >> I tried playing with disable-pmtu-discovery which made no change and I >> wasn't sure where I should be looking next. >> >> Thanks for any assistance. >> >> Matt Goff >> > > I doubt this is Squid in particular causing this. Squid just uses the > operating system read()/write() syscalls to send and receive traffic. > > Amos >
