Re: Fwd: [squid-users] tproxy , wccp2 connection refuse from pinky you on 2007-10-25 (squid-users)

From: pinky you <pinkheart_7777@dont-contact.us>
Date: Thu, 25 Oct 2007 11:45:51 -0700 (PDT)

--- hobbes <hobbes.lee@gmail.com> wrote:

> I want to you have already configure iptables,such
> as:
> iptables -A PREROUTING -t nat -p tcp --dport 80 -j
> REDIRECT --to-ports 7777
> port 7777 is listening by squid.
>
yes , but since tproxy rule is there no traffic pass
through this rule
iptables -t tproxy -A PREROUTING -p tcp -m tcp --dport
80 -j TPROXY --on-port squidport

> Causeing the connection refuse is between squid and
> site (server),can
> squid use wget command to site content being
> requested
>
yes
>
> ---------- Forwarded message ----------
> From: pinky you <pinkheart_7777@yahoo.com>
> Date: Oct 26, 2007 1:27 AM
> Subject: Re: [squid-users] tproxy , wccp2 connection
> refuse
> To: hobbes <hobbes.lee@gmail.com>
>
>
> --- hobbes <hobbes.lee@gmail.com > wrote:
>
> > set NAT redirect data with 80 port to your squid
> > listening port ,
> you mean I need to redirect port 80 to squid port
> AND
> tproxy port 80 to squid NAT two rules
> > As you connect refuse ,it maybe ACL configure
> error
> > in squid.conf ,check it.
>
> there is no acl error , the connection refuse error
> come after a long time , and it is from the ip of
> the
> site being requested.
>
> >
> > On 10/25/07, pinky you < pinkheart_7777@yahoo.com>
> > wrote:
> > >
> > > hello everyone
> > >
> > > I am trying to use tproxy with wccp but it never
> > work
> > > I patched the kernel, iptables and used squid
> 2.6
> > >
> > > the probme now , when the user open any webpage
> > the
> > > page load for long time (several min. ) and
> > finally
> > > connection refuese error from squid apears .
> > >
> > > I checked iptables and it forward the data.
> > > checked with tcpdump (seems the data is comming
> )
> > >
> > > but I don't know whats the problem .
> > >
> > > is there any routing that should be done with
> > tproxy
> > > ??
> > > do I need to use NAT ??
> > >
> > > thanx in advance
> > >
> > >
> > > Be pink or not to be
> > >
> > >
> __________________________________________________
> > > Do You Yahoo!?
> > > Tired of spam? Yahoo! Mail has the best spam
> > protection around
> > > http://mail.yahoo.com
> > >
> >
> >
> >
> > --
> > hobbes.lee@gmail.com
> > Guangzhou China
> >
>
>
> Be pink or not to be
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam
> protection around
> http://mail.yahoo.com
>
>
> --
> hobbes.lee@gmail.com
> Guangzhou China
>

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Received on Thu Oct 25 2007 - 12:45:59 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:02 MDT