Search squid archive

Re: SSL Bump and NF getsockopt failed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3/10/2015 12:31 a.m., Job wrote:
> Hello,
> 
> i have enabled SSL Bump with certificates, i redirect the 443 on the 3129 port of my Squid server but https sites are not accessible anymore and i can see these errors in logs:
> 
> ERROR: NF getsockopt(ORIGINAL_DST) failed on local=192.168.10.xxx

The connection arriving at Squid does not have any NAT records in the
Squid machine kernel.

It is mandatory that NAT be done on the Squid machine. Not on some
remote router (aka CPE "port-forwarding").
 <http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat>


It is mandatory that you *not* test NAT ports by configuring your
browser to use the proxy via it. Configure the testing browser the same
way teh cleints woudl be tested.

Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux