RE: FW: [squid-users] Tproxy Help // Transparent works fine

From: Alexandre DeAraujo <alexd_at_cal.net>
Date: Wed, 17 Jun 2009 10:28:35 -0700

> Does access.log say anything is arriving at Squid?
> Are you able to track the packets anywhere else?
>
> Amos

Once the client tries to browse, the connection times out after 100-150 seconds and displays the error page:
The following error was encountered while trying to retrieve the URL: http://www.msn.com/
        Connection to 207.68.172.246 failed.
The system returned: (110) Connection timed out
The remote host or network may be down. Please try the request again.

..and the following message will show on the access.log(at the same time as the timeout page is showed on the browser)
1245254249.779 179970 192.168.10.3 TCP_MISS/504 4533 GET http://www.msn.com/ - DIRECT/207.68.173.76 text/html
1245254249.779 179970 192.168.10.3 TCP_MISS/504 4533 GET http://www.msn.com/ - DIRECT/207.68.173.76 text/html
Nothing else will show in the access.log from the moment that the client tries to browse.

The following is the output of 'iptables -I INPUT -p tcp -j LOG'. Here is everything from the time the client tries to browse to when the connection times out
client ip = 192.168.10.3
squid ip = 192.168.20.10
msn.com ip = 207.68.172.246

Jun 17 10:09:20 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=192.168.20.10 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=4652 DF PROTO=TCP SPT=3920 DPT=3128 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:09:20 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=192.168.20.10 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4653 DF PROTO=TCP SPT=3920 DPT=3128 WINDOW=65535 RES=0x00 ACK URGP=0 MARK=0x1
Jun 17 10:09:20 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=192.168.20.10 LEN=968 TOS=0x00 PREC=0x00 TTL=127 ID=4654 DF PROTO=TCP SPT=3920 DPT=3128 WINDOW=65535 RES=0x00 ACK PSH URGP=0 MARK=0x1
Jun 17 10:09:20 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=46343 DF PROTO=TCP SPT=34661 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:09:20 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4655 PROTO=TCP SPT=34661 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:09:23 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=46344 DF PROTO=TCP SPT=34661 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:09:23 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4656 PROTO=TCP SPT=34661 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:09:29 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=46345 DF PROTO=TCP SPT=34661 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:09:29 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4660 PROTO=TCP SPT=34661 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:09:41 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=46346 DF PROTO=TCP SPT=34661 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:09:41 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4664 PROTO=TCP SPT=34661 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:10:05 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=46347 DF PROTO=TCP SPT=34661 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:10:05 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4673 PROTO=TCP SPT=34661 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:10:30 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32546 DF PROTO=TCP SPT=54114 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:10:30 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4683 PROTO=TCP SPT=54114 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:10:33 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32547 DF PROTO=TCP SPT=54114 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:10:33 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4684 PROTO=TCP SPT=54114 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:10:39 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32548 DF PROTO=TCP SPT=54114 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:10:39 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4688 PROTO=TCP SPT=54114 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:10:51 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32549 DF PROTO=TCP SPT=54114 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:10:51 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4693 PROTO=TCP SPT=54114 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:11:51 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=10237 DF PROTO=TCP SPT=54805 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:11:51 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4710 PROTO=TCP SPT=54805 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:12:15 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=10238 DF PROTO=TCP SPT=54805 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x1
Jun 17 10:12:15 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=207.68.172.246 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4717 PROTO=TCP SPT=54805 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 MARK=0x1
Jun 17 10:12:30 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=192.168.20.10 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4723 DF PROTO=TCP SPT=3920 DPT=3128 WINDOW=65535 RES=0x00 ACK URGP=0 MARK=0x1
Jun 17 10:12:30 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=192.168.20.10 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4724 DF PROTO=TCP SPT=3920 DPT=3128 WINDOW=65535 RES=0x00 ACK URGP=0 MARK=0x1
Jun 17 10:12:30 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=192.168.20.10 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4741 DF PROTO=TCP SPT=3920 DPT=3128 WINDOW=65535 RES=0x00 ACK FIN URGP=0 MARK=0x1
Jun 17 10:12:33 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=192.168.20.10 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4742 DF PROTO=TCP SPT=3920 DPT=3128 WINDOW=65535 RES=0x00 ACK FIN URGP=0 MARK=0x1
Jun 17 10:12:38 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=192.168.20.10 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4745 DF PROTO=TCP SPT=3920 DPT=3128 WINDOW=65535 RES=0x00 ACK FIN URGP=0 MARK=0x1
Jun 17 10:12:47 kernel: IN=wccp2 OUT= MAC= SRC=192.168.10.3 DST=192.168.20.10 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=4748 DF PROTO=TCP SPT=3920 DPT=3128 WINDOW=65535 RES=0x00 ACK FIN URGP=0 MARK=0x1

Sorry for the long lines.

Thanks,

Alex
Received on Wed Jun 17 2009 - 17:28:52 MDT

This archive was generated by hypermail 2.2.0 : Thu Jun 18 2009 - 12:00:04 MDT