Short question:
Can squid 2.4.DEVEL4 work as a transparent proxy on a Linux 2.4 kernel?
Long version:
I am trying to configure squid for Transparent proxying with a Linux 2.4
system. I cannot seem to get it to work, and I am not sure if it is my
configuration or if Squid cannot transparently proxy on Linux 2.4. Requests
are getting redirected to squid, but I get only "ERROR 503: Service
Unavailable" errors when I try to connect through it. Using squid as a
normal proxy works fine.
I have the following lines in my squid.conf:
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
Could this be because the way to obtain the "original" destination IP
address has changed for Linux 2.4? From a posting to the netfilter mailing
list, available at:
http://lists.samba.org/pipermail/netfilter/2000-November/005847.html
Within the new Linux netfilter framework, NAT functionality is cleanly
separated from the TCP/IP core processing. In old days, you could easily
retrieve the original destination (IP address and port) of a transparently
proxied connection by calling the normal getsockname() syscall.
With netfilter, getsockname() returns the real local IP address and port.
However, the netfilter code gives all TCP sockets a new socket option,
SO_ORIGINAL_DST, for retrieval of the original IP/port combination.
Thank you for your assistance.
-- Evan Jones - ejones@netwinder.org Technology with Attitude - Rebel.com -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Mon Nov 20 2000 - 15:24:38 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:56:28 MST