On Aug 15, 2008, at 9:34 AM, Amos Jeffries wrote:
> Ted Kaczmarek wrote:
>> With squid-3.HEAD-20080814 I am seeing this message.
>> WARNING: comm_open: setsockopt(IP_TRANSPARENT) not supported on
>> this platform
>> It does not matter if I configure wit or without
>> --enable-tproxy
>> and or
>> --enable-linux-netfilter.
>> What is the correct option for Tproxy4 support?
>
> --enable-netfilter
>
> NOTE: your kernel needs to be correctly patched for TPROXY options
> to work.
>
>> Going through all these related Tproxy posts ona various can
>> really send one for ride :-)
>> Regards,
>> Ted
>
> A how-to has recently been added to the wiki. It's not quite 100%
> complete but should give you a good basis to start from.
>
> http://wiki.squid-cache.org/ConfigExamples/TPROXYPatchingCentOS
>
>
> Amos
> --
> Please use Squid 2.7.STABLE3 or 3.0.STABLE8
Amos,
thanks, that and few hunder other posts are how I have gotten me this
far :-)
[root_at_labdev ~]# dmesg | grep -i tproxy
NF_TPROXY: Transparent proxy support initialized, version 4.1.0
NF_TPROXY: Copyright (c) 2006-2007 BalaBit IT Ltd.
ip_tables: TPROXY target: only valid in mangle table, not nat
[root_at_labdev ~]# squid -v
Squid Cache: Version 3.HEAD-20080814
configure options: '--prefix=/usr' '--includedir=/usr/include' '--
datadir=/usr/share' '--bindir=/usr/sbin' '--libexecdir=/usr/lib/squid'
'--localstatedir=/var/squid' '--sysconfdir=/etc/squid' '--enable-
epoll' '--enable-delay-pools' '-enable-cachemgr-hostname=localhost' '--
enable-linux-netfilter' '--enable-auto-locale' --enable-ltdl-convenience
[root_at_labdev ~]# lsmod | grep -i tprox
xt_TPROXY 6144 0
nf_defrag_ipv4 5888 2 nf_conntrack_ipv4,xt_TPROXY
nf_tproxy_core 6400 1 xt_TPROXY,[permanent]
x_tables 15364 4
xt_tcpudp,iptable_nat,xt_TPROXY,ip_tables
2.6.25.11 kernel and iptables 1.4.
Am I missing something?
Regards,
Ted
Received on Fri Aug 15 2008 - 17:54:02 MDT
This archive was generated by hypermail 2.2.0 : Sat Aug 16 2008 - 12:00:03 MDT