On Tue, Oct 22, 2019 at 1:48 PM Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
>
> I do not see any DIVERT rule at all in your firewall config dump. That
> is at least part of the problem.
I opened the previous dump and saw the divert rules here below:
Chain PREROUTING (policy ACCEPT 573K packets, 462M bytes)
pkts bytes target prot opt in out source
destination
573K 462M CONNMARK all -- * * 0.0.0.0/0
0.0.0.0/0 CONNMARK restore mask 0xff
1213 181K routemark all -- ppp1 * 0.0.0.0/0
0.0.0.0/0 mark match 0x0/0xff
3195 308K routemark all -- ppp2 * 0.0.0.0/0
0.0.0.0/0 mark match 0x0/0xff
1320 79360 routemark all -- ppp3 * 0.0.0.0/0
0.0.0.0/0 mark match 0x0/0xff
311K 277M tcpre all -- * * 0.0.0.0/0
0.0.0.0/0 mark match 0x0/0xff
0 0 divert tcp -- ppp1 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:80 flags:!0x17/0x02 socket
--transparent
0 0 divert tcp -- ppp2 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:80 flags:!0x17/0x02 socket
--transparent
0 0 divert tcp -- ppp3 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:80 flags:!0x17/0x02 socket
--transparent
76 7484 TPROXY tcp -- enp10s0 * 10.215.144.48
0.0.0.0/0 tcp dpt:80 TPROXY redirect 0.0.0.0:3129 mark
0x200/0x200
0 0 divert tcp -- ppp1 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:443 flags:!0x17/0x02 socket
--transparent
0 0 divert tcp -- ppp2 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:443 flags:!0x17/0x02 socket
--transparent
0 0 divert tcp -- ppp3 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:443 flags:!0x17/0x02 socket
--transparent
10 1060 TPROXY tcp -- enp10s0 * 10.215.144.48
0.0.0.0/0 tcp dpt:443 TPROXY redirect 0.0.0.0:3130 mark
0x200/0x200
Aren't these the DIVERT rules you are referring to?
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
