Re: nf getsockopt(so_original_dst) failed on local=192.168.1.1:3128 remote=192.168.1.120 FD 518 flags=33: (2) No such file or directory

On 3/09/2015 5:22 a.m., Juan Porter wrote:
> 
> Hello there! :)
> 
> Can you tell me what it means?  The following line in my cache.log file:
> 
> nf getsockopt(so_original_dst) failed on local=192.168.1.1:3128
> remote=192.168.1.120 FD 518 flags=33: (2) No such file or directory
> 
> When this kind of line appears in my log, the CPU also goes to 100% with
> the squid process at the top.
> 
> What does that log line mean?

It means the traffic arriving at an intercept port on Squid did not come
from your operating system's NAT module.


HTTP/1.x has two slightly different protocol syntaxes, and NAT/TPROXY
each have different ways to look up the IPs, all of which are mutually
exclusive.

You MUST use different http_ports to receive each type of traffic. For
example:

  http_port 3128
  http_port 3129 intercept


You also need to ensure the firewall on the Squid machine has rules
preventing anything outside the OS itself from sending packets to the
Squid interception port(s).

For netfilter / iptables that is the mangle table rule which can be seen
in the config examples such as:
<http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect>

Amos

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
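
The following is an added example, not part of the reply above and not Squid's own code: a Python script that reads cache.log lines for the failure quoted in the question, lists which clients connected to which port without passing through NAT, and labels each port with its mode from squid.conf. The function names, the timestamp/`kid1|` prefix, the second client address and the remote ports in the sample are assumptions made for illustration.

```python
import re
from collections import Counter

ADDR = r"(?:\[[0-9a-f:]+\]|[0-9.]+)"
# The failure message from the question; case-insensitive because the archive
# shows it lower-cased, remote port optional because the quoted line has none.
NAT_FAIL = re.compile(
    rf"getsockopt\(so_original_dst\) failed on local={ADDR}:(?P<port>\d+) "
    rf"remote=(?P<client>{ADDR})(?::\d+)? FD \d+ flags=\d+: \(\d+\)",
    re.IGNORECASE,
)

def port_modes(squid_conf):
    """Map each http_port number to 'intercept', 'tproxy', 'accel' or 'forward'."""
    modes = {}
    for raw in squid_conf.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) >= 2 and fields[0] == "http_port":
            port = int(fields[1].rsplit(":", 1)[-1])  # accepts "3128" or "ip:3128"
            special = [f for f in fields[2:] if f in ("intercept", "tproxy", "accel")]
            modes[port] = special[0] if special else "forward"
    return modes

def direct_senders(log_lines, squid_conf):
    """Return (client, port, count, port mode) for each source of NAT lookup failures."""
    modes = port_modes(squid_conf)
    hits = Counter()
    for line in log_lines:
        m = NAT_FAIL.search(line)
        if m:
            hits[(m["client"], int(m["port"]))] += 1
    return [(client, port, n, modes.get(port, "unknown"))
            for (client, port), n in hits.most_common()]

# Constructed sample input: only the first message body is taken from the question.
SAMPLE_CONF = "http_port 3128 intercept   # no separate forward-proxy port\n"
SAMPLE_LOG = [
    "2015/09/02 17:20:01 kid1| nf getsockopt(so_original_dst) failed on local=192.168.1.1:3128 remote=192.168.1.120 FD 518 flags=33: (2) No such file or directory",
    "2015/09/02 17:20:01 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.1.1:3128 remote=192.168.1.120:40112 FD 519 flags=33: (2) No such file or directory",
    "2015/09/02 17:20:02 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.1.1:3128 remote=192.168.1.77:51000 FD 20 flags=33: (2) No such file or directory",
    "2015/09/02 17:20:03 kid1| Starting new helpers",
]

if __name__ == "__main__":
    forward = [p for p, m in port_modes(SAMPLE_CONF).items() if m == "forward"]
    print("forward-proxy ports:", forward or "none configured")
    for client, port, n, mode in direct_senders(SAMPLE_LOG, SAMPLE_CONF):
        print(f"{client} -> port {port} ({mode}): {n} connection(s) not via NAT")
```

Clients listed against an intercept port are the ones to repoint at a separate forward-proxy `http_port`, and the ones the firewall rule on the Squid machine should keep away from the interception port.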