[squid-users] transparent proxy and log_in_vain=1

From: Putinas <pilkis@dont-contact.us>
Date: Mon, 11 Nov 2002 16:56:41 +0200

Hi,
I have had one problem for a few months already and I am still not able to solve it.
I am using Squid as a transparent proxy, set up on FreeBSD 4.7, and doing the
redirection with ipnat:

rdr fxp0 192.168.100.252/32 port 80 -> 62.68.42.70 port 80
rdr fxp0 62.68.42.70/32 port 80 -> 62.68.42.70 port 80
rdr fxp0 0.0.0.0/0 port 80 -> 127.0.0.1 port 80
map xl0 192.168.100.0/24 -> 0.0.0.0/32 portmap tcp/udp 10000:65000
map xl0 192.168.100.0/24 -> 0.0.0.0/32

Squid is running on 127.0.0.1 port 80.

Also, FreeBSD is running with the kernel option log_in_vain=1.
A brief description of what it is:
FreeBSD features a sysctl option "net.inet.(tcp|udp).log_in_vain" that
allows packets destined for non-listening ports on a server to be logged to
syslog.

From time to time I get records like these in syslog:

Connection attempt to TCP 62.68.42.70:2042 from 66.163.171.166:80
--- 2 times ---
Connection attempt to TCP 62.68.42.70:2045 from 66.163.171.166:80
Connection attempt to TCP 62.68.42.70:2073 from 66.40.9.139:80
--- 3 times ---
Connection attempt to TCP 62.68.42.70:2069 from 66.40.9.143:80
Connection attempt to TCP 62.68.42.70:2133 from 216.136.224.190:80
--- 20 times ---
Connection attempt to TCP 62.68.42.70:2162 from 202.157.166.121:80
--- 3 times ---
Connection attempt to TCP 62.68.42.70:2197 from 66.230.128.157:80
--- 12 times ---
Connection attempt to TCP 62.68.42.70:2340 from 66.40.9.137:80
Connection attempt to TCP 62.68.42.70:2391 from 216.136.224.190:80

and so on...

OK, everything still appears to work properly, but I would like to know the
reason why this is happening.
Why does the web server send the response to a port that is not being listened on?

Regards,
Putinas
Received on Mon Nov 11 2002 - 07:56:46 MST
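
An added example, not part of the original post: a small triage script for log_in_vain records in the format quoted above. It totals entries per remote host and separates packets that arrive from remote port 80 at an unprivileged local port (shaped like return traffic for the proxy's own outbound connections) from everything else. The classification is a heuristic, the reading of "--- N times ---" as the total count of the entry above it is an assumption, and the last sample line (203.0.113.9) is constructed for contrast.

```python
import re
from collections import Counter

# Sample input: the first five lines use the format and addresses quoted in the
# post; the final line is constructed (documentation address) for contrast.
SAMPLE = """\
Connection attempt to TCP 62.68.42.70:2042 from 66.163.171.166:80
--- 2 times ---
Connection attempt to TCP 62.68.42.70:2045 from 66.163.171.166:80
Connection attempt to TCP 62.68.42.70:2133 from 216.136.224.190:80
--- 20 times ---
Connection attempt to TCP 62.68.42.70:22 from 203.0.113.9:40112
"""

ENTRY = re.compile(r"Connection attempt to (TCP|UDP) ([\d.]+):(\d+) from ([\d.]+):(\d+)")
REPEAT = re.compile(r"^--- (\d+) times ---$")

def parse(text):
    """Return a list of [proto, dst_port, src_ip, src_port, count] entries."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = ENTRY.search(line)  # search() tolerates a syslog timestamp prefix
        if m:
            entries.append([m[1], int(m[3]), m[4], int(m[5]), 1])
            continue
        r = REPEAT.match(line)
        # Assumption: a repeat marker states the total count of the entry above it.
        if r and entries:
            entries[-1][4] = int(r[1])
    return entries

def classify(dst_port, src_port):
    """Heuristic only: remote port 80 to a local port >= 1024 has the shape of
    return traffic for an outbound HTTP connection, not of an inbound probe."""
    if src_port == 80 and dst_port >= 1024:
        return "reply-like"
    return "inbound-probe"

def summarize(text):
    """Total the records per (remote host, classification)."""
    totals = Counter()
    for _proto, dport, src, sport, count in parse(text):
        totals[(src, classify(dport, sport))] += count
    return dict(totals)

if __name__ == "__main__":
    for (src, kind), n in sorted(summarize(SAMPLE).items()):
        print(f"{src:<18}{kind:<15}{n}")
```

Hosts that land in the "reply-like" group can be compared against Squid's access.log for the same time window to see whether the proxy had contacted them.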

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:17 MST