Hello, Amos, how are you?
I just did a test downgrading my kernel to 2.6.30 (downloaded from
ftp.kernel.org), using the same kernel .config of the 2.6.37 I was
using, and all the same iptables/ebtables/sysctl configuration. TPROXY
just began to work perfectly. If I switch again to 2.6.37, everything
stops.
Can this really be a problem with newer kernel versions? Are there any
specific configurations for these newer versions?
Anybody here is using squid TPROXY with newer kernels (2.6.36-2.6.37) ?
Thanks in advance for your reply and help!!
On Mon, Jan 24, 2011 at 11:25 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On Mon, 24 Jan 2011 13:30:05 -0200, Agua Emagrece <aguaemagrece_at_gmail.com>
> wrote:
>> Hello!
>>
>> I am using:
>>
>> - Slackware Linux Bridge working fine (eth0 = Internet and eth1 = Users)
>> - Latest 2.6.37 kernel
>> - Iptables 1.4.9
>> - Ebtables 2.0.9-2
>> - Squid 3.1.10
>>
>
> The config you have looks fine. There are just a few bits where your
> differ from the recommended collective knowledge found at
> http://wiki.squid-cache.org/Features/Tproxy4
>
> At this part of the page:
>
> http://wiki.squid-cache.org/Features/Tproxy4#ebtables_on_a_Bridging_device
>
> It mentions a list of other /proc settings to ensure are turned off.
>
> It could also be SELinux rules blocking things silently or the particular
> libcap version your squid is built against not picking up the privileges to
> accept TPROXY connections (3.1 only has a slightly obscure runtime warning
> for this).
>
> <snip>
>>
>>
>> If I delete the ebtables' rules, I can navigate, but without passing
>> squid (the connections goes direct).
>>
>> Am I doing something wrong? Can you point me any discution or
>> documentation regarding this issue?
>>
>> Thank you VERY much in advance for your time and help!!
>
> Amos
>
Received on Tue Jan 25 2011 - 02:24:50 MST
This archive was generated by hypermail 2.2.0 : Tue Jan 25 2011 - 12:00:03 MST