Re: [squid-users] TPROXY Issues from Amos Jeffries on 2009-03-25 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 26 Mar 2009 00:05:31 +1300

Jamie Orzechowski wrote:
> I am back trying to solve my tproxy issues.
>
> Running Ubuntu server with Kernel 2.6.28-11-server, iptables v1.4.3.1,
> squid 3.1.0.6
>
> I am able to browse transparently but proxy test sites still detect the
> cache.
>
> http://www.whatismyip.com says the following
>
> Your IP Address Is 66.78.98.25
> Other IPs Detected: 66.78.102.2
> Possible Proxy Detected: 1.1 cache-01.ripnet.com (squid/3.1.0.6)
>
> Why is this site detecting my proxy??

1) spoofing only occur between Squid and client.

2) whatsmyip etc use other methods than source IP address to detect
proxies. From the info it gave its telling you it checked and found the
Via header.

Amos

>
> ----------------------------------------------------
> Squid Cache: Version 3.1.0.6
> configure options: '--prefix=/usr' '--includedir=/include'
> '--mandir=/share/man' '--infodir=/share/info' '--sysconfdir=/etc'
> '--localstatedir=/var' '--libexecdir=/lib/squid3'
> '--disable-maintainer-mode' '--disable-dependency-tracking' '--srcdir=.'
> '--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3'
> '--mandir=/usr/share/man' '--with-cppunit-basedir=/usr'
> '--enable-inline' '--enable-async-io=32'
> '--enable-storeio=ufs,aufs,diskd' '--enable-removal-policies=lru,heap'
> '--enable-delay-pools' '--enable-cache-digests' '--enable-underscores'
> '--enable-icap-client' '--enable-follow-x-forwarded-for'
> '--with-filedescriptors=65536' '--with-default-user=proxy'
> '--enable-linux-netfilter' --with-squid=/tmp/squid-3.1.0.6
> --enable-ltdl-convenience
>
> TPROXY Rules
>
> /usr/local/sbin/iptables -t mangle -N DIVERT
> /usr/local/sbin/iptables -t mangle -A DIVERT -j MARK --set-mark 1
> /usr/local/sbin/iptables -t mangle -A DIVERT -j ACCEPT
> /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
> /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp --dport 80 -j
> TPROXY --tproxy-mark 0x1/0x1 --on-port 3129
>
> ip rule add fwmark 1 lookup 100
> ip route add local 0.0.0.0/0 dev lo table 100
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
>
>

-- 
Please be using
   Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13
   Current Beta Squid 3.1.0.6

Received on Wed Mar 25 2009 - 11:05:40 MDT

This archive was generated by hypermail 2.2.0 : Wed Mar 25 2009 - 12:00:03 MDT