Re: [squid-users] Squid -2.6 with Tproxy

Hi Tino,

The IPtables have been implemented by default with FC and there is no
directory for the source of iptables.
Can you give me the step by step procedure so that I can try?
Have tried a lot of suggestions and am still not going ahead.

Regards
Sunil

tino wrote:
> Your iptables patch not complete fc5 use iptables rpm source, you need
> iptables from tar.gz/bz source
> - uninstall the iptables rpm, - download tar.gz/bz source from
> netfilter.org
> - patch it with iptables-1.3-cttproxy.diff before ./configure
>
> rgds,
> Tino
>
> ----- Original Message ----- From: "Sunil K.P." <sunil@hyperia.com>
> To: <squid-users@squid-cache.org>
> Sent: Friday, August 11, 2006 4:33 PM
> Subject: [squid-users] Squid -2.6 with Tproxy
>
>
>> Hi,
>>
>> I have squid 2.6 STABLE 2 running on FC 2.6.15.2.
>> It is working fine in transparent mode.
>>
>> But I am trying to use Tproxy so that all the requests will spoofed
>> to show the clients IP address and not the cache server.
>> The patches have been applied to the kernel, compiled and applied as
>> per procedure.
>> After restarting the system the modules ipt_tproxy and ipt_TPROXY are
>> loaded.
>>
>> The problem starts when I apply the following iptables rule
>> iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j
>> TPROXY --on-port 3128
>>
>> The traffic stops going thru the cache server. If the rule is removed
>> the traffic goes smoothly.
>> Cache.log shows the following error
>> tproxy ip=192.168.10.11,0x9eec383e,port=0 ERROR ASSIGN
>>
>> There seems to be no proper documentation for implementation of
>> tproxy with squid on the net.
>> Pls. advice.
>>
>> Regards
>> Sunil
>
Received on Sat Aug 12 2006 - 18:39:09 MDT