On Thursday 08 May 2003 19.36, Dave Restall - System Administrator
wrote:
> and amazingly, I can now use squid transparently and get the web
> server to see the client's IP address. It works really well, I see
> an entry in the squid log for the reqest, I also see an entry in
> the web server log - with the client's IP address.
Good news.
> However it is not perfect. It only works intermittently. It will
> work correctly for a few requests, then it will start using the IP
> address of the squid box instead of the server. This will continue
> for a few requests then the client IP address starts being used
> again.
Well.. both the kernel and the Squid parts of tproxy is development
patches, and some glitches can be expected..
Your next step is to try to figure out if the glitch is in the Squid
patch or in the kernel patch. Working with the person who wrote the
tproxy patch for Squid is probably recommended.
> I have been in touch with the patch developers (for both tproxy and
> squid) and have not had much success, so in desperation it is time
> to ask the help of the list, basically has _ANYBODY_ got this to
> work 100% and if so what did they do. I'm doing the following :-
I do not think many others have attempted this yet. It is kind of a
big abuse of TCP/IP to do these things, and can only be done in very
well isolated conditions (Squid running on the gateway/router used
for Internet access).
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.comReceived on Thu May 08 2003 - 13:53:16 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:24 MST