Tim Wolfe wrote:
> (format SourceIP:SourcePort > DestinationIP:DestinationPort)
> dns1:4567 > yahoo:80 (seen from tcpdump on dns1)
> dns1:4567 > yahoo:80 (seen from tcpdump on squid)
> yahoo:80 > dns1:4567 (seen on squid)
Expected, as Squid has to masquerade as the origin server when running a
transparent proxy (else the clients would not know what to do with the
returned packets).
But the above pattern is also the expected one when you haven't
completed the transparent proxy setup with the packet redirection rules
in ip-filter..
> I believe that squid should be changing the source ip to itself, get
> the reply and then forward it back to original client (dns1 in this
> case) looking something more like this:
>
> dns1:4567 > yahoo:80 (tcpdump on dns1)
> (router redirects to squid)
> dns1:4567 > yahoo:80 (tcpdump on squid)
> (squid grabs URL, makes a request to yahoo, forwards)
> squid:4567 > yahoo:80 (tcpdump on squid)
> yahoo:80 > squid:4567 (yahoo replies to squid)
> (squid changes destination, forwards)
> squid:80 > dns1:4567 (sends dns1 yahoo's response)
The last line would read:
yahoo:80 > dns1:4567 (squid sends dns1 yahoo's response)
Things to look into:
a) Can you still reach the web from the Squid proxy machine? Try running
lynx there, connecting directly to the site.
If not then you have serious problems either in firewalling or router
redirection.. not a Squid problem.
b) Can you use Squid as a proxy?
env http_proxy=http://your.squid.server:port/ lynx
http://www.yahoo.com/
If not then Squid is not working well, and you need to investigate your
squid.conf and maybe your /etc/resolv.conf settings.
-- Henrik Nordstrom Squid Hacker c) -- Henrik Nordstrom Squid HackerReceived on Thu Apr 19 2001 - 13:57:39 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:23 MST