[squid-users] Transparent Proxy not working in 3.0 Stable1

From: WRIGHT Alan <alan.wright@dont-contact.us>
Date: Thu, 14 Feb 2008 14:46:56 +0100

Hi Folks,

I have installed squid 3.0 stable 1 and have configured it for
transparent mode.

Somehow it doesn't seem to work correctly.

When it runs, it shows that it is running in transparent mode, but then
when HTTP requests hit the box it gives the WARNING: Transparent
proxying not supported. The web browser shows an error page but from the
squid itself (Error: HTTP 400 Bad Request - Invalid URL.....).

When I configured the build, I used the tproxy and the netfilter options
for transparent proxying as I wasn't sure what one I needed.

Does anyone have a clue why it will not run in transparent mode.

I am pretty sure my iptables is OK

Here is what the trace shows:

No. Time Source Destination Protocol
Info
     20 12.102354 192.168.26.128 192.168.130.250 HTTP
GET / HTTP/1.1

Frame 20 (493 bytes on wire, 493 bytes captured)
Ethernet II, Src: 00:0c:29:e8:3d:07, Dst: 00:0c:29:01:ce:bc
Internet Protocol, Src Addr: 192.168.26.128 (192.168.26.128), Dst Addr:
192.168.130.250 (192.168.130.250)
Transmission Control Protocol, Src Port: 44418 (44418), Dst Port: http
(80), Seq: 1, Ack: 1, Len: 427
Hypertext Transfer Protocol
    GET / HTTP/1.1\r\n
    Host: 192.168.130.250\r\n
    User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.1)
Gecko/20060313 Fedora/1.5.0.1-9 Firefox/1.5.0.1 pango-text\r\n
    Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plai
n;q=0.8,image/png,*/*;q=0.5\r\n
    Accept-Language: en-us,en;q=0.5\r\n
    Accept-Encoding: gzip,deflate\r\n
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n
    Keep-Alive: 300\r\n
    Connection: keep-alive\r\n
    \r\n

No. Time Source Destination Protocol
Info
     22 12.157274 192.168.130.250 192.168.26.128 HTTP
HTTP/1.0 400 Bad Request (text/html)[Short Frame]

Frame 22 (1514 bytes on wire, 500 bytes captured)
Ethernet II, Src: 00:0c:29:01:ce:bc, Dst: 00:0c:29:e8:3d:07
Internet Protocol, Src Addr: 192.168.130.250 (192.168.130.250), Dst
Addr: 192.168.26.128 (192.168.26.128)
Transmission Control Protocol, Src Port: http (80), Dst Port: 44418
(44418), Seq: 1, Ack: 428, Len: 1448
Hypertext Transfer Protocol
    HTTP/1.0 400 Bad Request\r\n
    Server: squid/3.0.STABLE1\r\n
    Mime-Version: 1.0\r\n
    Date: Thu, 14 Feb 2008 04:44:37 GMT\r\n
    Content-Type: text/html\r\n
    Content-Length: 1447\r\n
    Expires: Thu, 14 Feb 2008 04:44:37 GMT\r\n
    X-Squid-Error: ERR_INVALID_URL 0\r\n
    X-Cache: MISS from localhost.localdomain\r\n
    Via: 1.0 localhost.localdomain (squid/3.0.STABLE1)\r\n
    Proxy-Connection: close\r\n
    \r\n

TIA

Alan

 
Received on Thu Feb 14 2008 - 06:47:06 MST

This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST