Re: [squid-users] Transparent Proxy stops working after time

From: Denis Vlasenko <vda@dont-contact.us>
Date: Thu, 25 Mar 2004 16:35:24 +0200

On Thursday 25 March 2004 08:44, E Roberts wrote:
> I have come across a strange problem, after what could be days, hours or
> even 10 minutes my transparent proxy will just stop working. I have tried

tcpdump of this? What _exactly_ is not happening anymore?

> to restart squid, flush and reset my firewall rules, restart NoCatAuth,
> and in the end the only thing that will get this working again is a full
> reboot.

> The setup I'm using is this:
>
> Slackware linux
> kernel 2.4.20

There are bugs in 2.4.20 iptables. Upgrade to latest and retest.

> Squid 2.5.STABLE4
> iptables v1.2.8
>
> My firewall rules seem to be unchanged when this takes effect, here is the
> part for the transparent proxy:
>
> Chain PREROUTING (policy ACCEPT)
> target         prot opt source          destination
> REDIRECT       tcp  --  192.168.0.0/16  <ip removed>  MARK match 0x4 tcp dpt:http redir ports 8080
> REDIRECT       tcp  --  192.168.0.0/16  anywhere      MARK match 0x3 tcp dpt:http redir ports 8080
> REDIRECT       tcp  --  192.168.0.0/16  anywhere      MARK match 0x2 tcp dpt:http redir ports 8080
> REDIRECT       tcp  --  192.168.0.0/16  anywhere      MARK match 0x1 tcp dpt:http redir ports 8080
> ACCEPT         all  --  10.0.0.0/8      anywhere
> ACCEPT         all  --  1.0.0.0/8       anywhere
> NoCat_Capture  all  --  anywhere        anywhere
> DROP           tcp  --  !localhost      anywhere      tcp dpt:8080
>
> What is strange is that the sibling proxies are still able to use this as
> their parent, and if you connect to port 8080 directly it will work (of
> course this is without the above DROP being in the rules).
>
> I figure this might be an IPtables issue but hope to see if anyone has had
> this issue or could point me in the correct location.
>
> Regards

--
vda
Received on Thu Mar 25 2004 - 07:58:52 MST
