Hi,
Is this squid box a router or just a proxy?
- just a proxy
What tcpdump command did you ran?
- sudo tcpdump -i eth0
What is the networks that are involved?
Setup:
Client (192.168.1.8) ---> | Rotuer |
| gateway/dhcp | ---> Internet
Squid box (192.168.1.2) ---> | 192.168.1.1 |
Here Client (debian), squid (debian) and router are three separate devices.
What is the gateway and dhcp for this network?
- Router is both gateway and dhcp server
If the client is a linux box then we need the output of:
ifconfig:
eth0 Link encap:Ethernet HWaddr b8:27:eb:91:83:20
inet addr:192.168.1.8 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::6236:7570:1f1e:d238/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3214 errors:0 dropped:0 overruns:0 frame:0
TX packets:8985 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:478898 (467.6 KiB) TX bytes:2308050 (2.2 MiB)
ip route:
default via 192.168.1.1 dev eth0
169.254.0.0/16 dev eth0 proto kernel scope link src 169.254.219.186 metric 202
On Mon, Feb 13, 2017 at 10:44 PM, Eliezer Croitoru <eliezer@xxxxxxxxxxxx> wrote:
Hey,
There are couple missing pieces(in my eyes) in order to understand the picture.
Is this squid box a router or just a proxy?
What tcpdump command did you ran?
What is the networks that are involved?
What is the gateway and dhcp for this network?
If the client is a linux box then we need the output of:
$ ifconfig
$ route -n
Or
$ ip route
Thanks,
Eliezer
----
http://ngtech.co.il/lmgtfy/
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer@xxxxxxxxxxxx
From: squid-users [mailto:squid-users-bounces@lists.squid-cache.org ] On Behalf Of John Pearson
Sent: Tuesday, February 14, 2017 8:25 AM
To: Squid Users <squid-users@lists.squid-cache.org >
Subject: Squid on separate box and it can't see packets
Hi all,
I have squid on a separate box on my network with ip address 192.168.1.2
In squid.conf I have:
http_port http://0.0.0.0:3128
http_port http://0.0.0.0:3129 intercept
-------
On squid box:
$ sudo netstat -lnp | grep squid
tcp 0 0 http://0.0.0.0:3128 0.0.0.0:* LISTEN 2639/(squid-1)
tcp 0 0 http://0.0.0.0:3129 0.0.0.0:* LISTEN 2639/(squid-1)
udp 0 0 http://0.0.0.0:37444 0.0.0.0:* 2639/(squid-1)
udp6 0 0 :::41465 :::* 2639/(squid-1)
-------
I followed this example: http://wiki.squid-cache.org/ConfigExamples/Intercept/ LinuxRedirect
iptables:
# your proxy IP
SQUIDIP=192.168.1.2
# your proxy listening port
SQUIDPORT=3129
iptables -t nat -A PREROUTING -s $SQUIDIP -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port $SQUIDPORT
iptables -t nat -A POSTROUTING -j MASQUERADE
iptables -t mangle -A PREROUTING -p tcp --dport $SQUIDPORT -j DROP
------
I am redirecting port 80 packets on my router to squid box
On one of the clients: 192.168.1.8, I am running
wget -v --bind-address=192.168.1.8 http://squid-cache.org:80
On squid box, I am running tcpdump and I am able to see those packets:
22:09:58.962316 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags [S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932460 ecr 0,nop,wscale 7], length 0
22:09:59.958994 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags [S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932560 ecr 0,nop,wscale 7], length 0
22:10:01.958981 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags [S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932760 ecr 0,nop,wscale 7], length 0
But squid is not seeing them. Squid log is empty.
Need advice. Thanks!
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
