Search squid archive

Re: Unable to get TPROXY working with squid

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 27/02/2015 12:41 p.m., Carvaka Guru wrote:
> I am building a simple linux firewall router with eth1 LAN port and eth0
> WAN port. I have squid3 running on it that I have built with netfilter
> enabled. The linux version running on the firewall is debian wheezy which
> has iptables with TPROXY and socket support.
> 
> By setting up the iptables to send traffic to squid3 using the original nat
> prerouting REDIRECT method everything works fine but I can't get the TPROXY
> method to work. I followed all the steps outlined in
> http://wiki.squid-cache.org/Features/Tproxy4

Uhm... no. You ran a *completely* different command line.


> but no traffic gets to squid3.
> In fact all HTTP traffic goes into some hole as soon as I issue the
> following two routing commands -
> 
> ip rule add fwmark 1 lookup 100
> ip route add local 0.0.0.0/0 dev lo table 100
> 
> Without these two commands the HTTP traffic goes through but never gets
> routed to squid3.
> 
> I think the "ip route" command is the culprit but I don't know why or how
> to change it?

That is explained in the "/!\" notes directly following the example
configuration you "followed".

It even has a whole section "Some routing problems to be aware of" just
to repeat the message about this problem and what to do about it.

<http://wiki.squid-cache.org/Features/Tproxy4#Routing_configuration>

Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux