Re: [squid-users] Transparent proxy issue

Sorry it took so long:
Below is the squid.conf followed by the tcpdump of the XP box attempting transparent proxy. Last is the XP box trying to go directly to the proxy port. Both are not working.
However. If I dialup with my Gentoo Linux, both proxy direct and transparent proxy works fine with lynx, konqueror and mozilla.

Thanks for the help!!!

Mark

First squid.conf:
###################################
http_port 12.159.53.11:3128
http_port 127.0.0.1:3128

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

#Suggested default:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl notice dst 12.159.47.133/32
acl notice dst 172.16.16.254/32
acl localhost src 127.0.0.1/255.255.255.255

# Allow the localhost to have access by default
http_access allow localhost

#http_access allow all notice
http_access deny all

# and finally allow by default
http_reply_access allow all

#Allow ICP queries from everyone
icp_access allow all

deny_info ERR_ACCESS_DENIED2 all

# Leave coredumps in the first cache dir
coredump_dir /var/cache/squid

ie_refresh on
cache_effective_group squid

#############################################################

Next tcp dump...attempting transparent proxy....Windows XP Box...not working

ns1 root # tcpdump -n -i eth3
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth3, link-type EN10MB (Ethernet), capture size 68 bytes
10:53:53.452681
10:53:54.306477 IP 172.16.16.1.1026 > 172.16.16.254.53: 1+[|domain]
10:53:54.306900 arp who-has 172.16.16.1 tell 172.16.16.254
10:53:54.308093 arp reply 172.16.16.1 is-at 00:05:5e:cf:82:56
10:53:54.308104 IP 172.16.16.254.53 > 172.16.16.1.1026: 1*[|domain]
10:53:54.531023 IP 172.16.16.1.1027 > 12.159.47.133.80: S 213200:213200(0) win 8192 <mss 536,nop,nop,sackOK>
10:53:54.531056 IP 12.159.47.133.80 > 172.16.16.1.1027: S 2389261052:2389261052(0) ack 213201 win 5840 <mss 1460,nop,nop,sackOK>
10:53:55.218790 IP 172.16.16.1.1028 > 172.16.16.254.53: 1+[|domain]
10:53:56.932195 IP 172.16.16.1.1028 > 172.16.16.254.53: 1+[|domain]
10:53:58.199310 IP 172.16.16.254.53 > 172.16.16.1.1028: 1[|domain]
10:53:58.199486 IP 172.16.16.254.53 > 172.16.16.1.1028: 1[|domain]
10:53:58.454281 IP 172.16.16.1.1029 > 207.46.134.90.80: S 217110:217110(0) win 8192 <mss 536,nop,nop,sackOK>
10:53:58.454314 IP 207.46.134.90.80 > 172.16.16.1.1029: S 2394659710:2394659710(0) ack 217111 win 5840 <mss 1460,nop,nop,sackOK>
10:53:58.529401 IP 12.159.47.133.80 > 172.16.16.1.1027: S 2389261052:2389261052(0) ack 213201 win 5840 <mss 1460,nop,nop,sackOK>
10:54:02.329405 IP 207.46.134.90.80 > 172.16.16.1.1029: S 2394659710:2394659710(0) ack 217111 win 5840 <mss 1460,nop,nop,sackOK>
10:54:03.454486
10:54:04.529405 IP 12.159.47.133.80 > 172.16.16.1.1027: S 2389261052:2389261052(0) ack 213201 win 5840 <mss 1460,nop,nop,sackOK>
10:54:08.329406 IP 207.46.134.90.80 > 172.16.16.1.1029: S 2394659710:2394659710(0) ack 217111 win 5840 <mss 1460,nop,nop,sackOK>
10:54:13.456320
10:54:16.729406 IP 12.159.47.133.80 > 172.16.16.1.1027: S 2389261052:2389261052(0) ack 213201 win 5840 <mss 1460,nop,nop,sackOK>
10:54:20.329406 IP 207.46.134.90.80 > 172.16.16.1.1029: S 2394659710:2394659710(0) ack 217111 win 5840 <mss 1460,nop,nop,sackOK>
10:54:23.458093
10:54:28.417059 IP 172.16.16.1.1030 > 172.16.16.254.53: 1+[|domain]
10:54:28.603132 IP 172.16.16.254.53 > 172.16.16.1.1030: 1 NXDomain[|domain]
10:54:33.459939
10:54:40.729409 IP 12.159.47.133.80 > 172.16.16.1.1027: S 2389261052:2389261052(0) ack 213201 win 5840 <mss 1460,nop,nop,sackOK>
10:54:43.461788
10:54:44.529405 IP 207.46.134.90.80 > 172.16.16.1.1029: S 2394659710:2394659710(0) ack 217111 win 5840 <mss 1460,nop,nop,sackOK>
10:54:45.729398 arp who-has 172.16.16.1 tell 172.16.16.254
10:54:45.730009 arp reply 172.16.16.1 is-at 00:05:5e:cf:82:56
10:54:47.280729 IP 172.16.16.1.1027 > 12.159.47.133.80: R 213393:213393(0) win 0

#####################

Next, XP Trying to use proxy directly...not working....

10:55:03.464360
10:55:13.461184
10:55:19.877816 IP 172.16.16.1.1031 > 172.16.16.254.3128: S 298548:298548(0) win 8192 <mss 536,nop,nop,sackOK>
10:55:19.877854 IP 172.16.16.254.3128 > 172.16.16.1.1031: S 2490141048:2490141048(0) ack 298549 win 5840 <mss 1460,nop,nop,sackOK>
10:55:21.328418 CDP v2, ttl: 180s, Device-ID 'casscity-5300-1'[|cdp]
10:55:23.457958
10:55:23.918192 IP 172.16.16.254.3128 > 172.16.16.1.1031: S 2490141048:2490141048(0) ack 298549 win 5840 <mss 1460,nop,nop,sackOK>
10:55:28.989223 IP 172.16.16.1.1032 > 172.16.16.254.53: 2+[|domain]
10:55:28.989489 IP 172.16.16.254.53 > 172.16.16.1.1032: 2 NXDomain[|domain]
10:55:29.915192 IP 172.16.16.254.3128 > 172.16.16.1.1031: S 2490141048:2490141048(0) ack 298549 win 5840 <mss 1460,nop,nop,sackOK>
10:55:32.010041 IP 172.16.16.1.1031 > 172.16.16.254.3128: R 298913:298913(0) win 0
10:55:32.713794 IP 207.46.134.90.80 > 172.16.16.1.1029: S 2394659710:2394659710(0) ack 217111 win 5840 <mss 1460,nop,nop,sackOK>
10:55:33.454774
10:55:37.884499 IP 172.16.16.1.1034 > 172.16.16.254.3128: S 316129:316129(0) win 8192 <mss 536,nop,nop,sackOK>
10:55:37.884534 IP 172.16.16.254.3128 > 172.16.16.1.1034: S 2496726359:2496726359(0) ack 316130 win 5840 <mss 1460,nop,nop,sackOK>
10:55:42.308997 IP 172.16.16.254.3128 > 172.16.16.1.1034: S 2496726359:2496726359(0) ack 316130 win 5840 <mss 1460,nop,nop,sackOK>
10:55:43.451905
10:55:47.306489 arp who-has 172.16.16.1 tell 172.16.16.254
10:55:47.307613 arp reply 172.16.16.1 is-at 00:05:5e:cf:82:56
10:55:48.305993 IP 172.16.16.254.3128 > 172.16.16.1.1034: S 2496726359:2496726359(0) ack 316130 win 5840 <mss 1460,nop,nop,sackOK>
10:55:53.448409
10:56:00.299992 IP 172.16.16.254.3128 > 172.16.16.1.1034: S 2496726359:2496726359(0) ack 316130 win 5840 <mss 1460,nop,nop,sackOK>
10:56:03.450985
10:56:13.445993
10:56:21.308498 CDP v2, ttl: 180s, Device-ID 'casscity-5300-1'[|cdp]
10:56:23.442792
10:56:24.487893 IP 172.16.16.254.3128 > 172.16.16.1.1034: S 2496726359:2496726359(0) ack 316130 win 5840 <mss 1460,nop,nop,sackOK>
10:56:29.165762 IP 172.16.16.1.1035 > 172.16.16.254.53: 3+[|domain]
10:56:29.166023 IP 172.16.16.254.53 > 172.16.16.1.1035: 3 NXDomain[|domain]
10:56:33.446961
10:56:43.440391

###########################