I have running squid 3.1.0.6 with TProxy on 2.6.28-11 (Ubuntu 64bit)
For some reason ALL my traffic shows up as a TCP_MISS ... If I revert
back to transparent mode evertything is fine. If I switch to tproxy
everything shows as a TCP_MISS.
Why is this happening?
Here is my iptables rule
/usr/local/sbin/iptables -t mangle -N DIVERT
/usr/local/sbin/iptables -t mangle -A DIVERT -j MARK --set-mark 1
/usr/local/sbin/iptables -t mangle -A DIVERT -j ACCEPT
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp --dport 80 -j
TPROXY --tproxy-mark 0x1/0x1 --on-port 3129
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
Here is what I see in the logs
1238607663.926 40 66.78.113.105 TCP_MISS/200 7867 GET
http://www.shockwave.com/content/dailydiff/dailyThumbnails/04_09/bonus1.png
- DIRECT/204.245.162.18 image/png
1238607663.940 59 66.78.111.208 TCP_MISS/200 4989 GET
http://www.newholland.com/FILES/tbl_s27ProductLineText/SmallImage227/380/PLMlogo_icon_sm_1107.jpg
- DIRECT/216.246.75.66 image/jpeg
1238607663.957 85 66.78.125.200 TCP_MISS/200 559 GET
http://65.55.149.124/c.gif? - DIRECT/65.55.149.124 image/gif
1238607663.963 757 66.78.122.169 TCP_MISS/200 4071 GET
http://photos-b.ll.facebook.com/photos-ll-snc1/v376/249/18/1646506269/s1646506269_23977_3791.jpg
- DIRECT/208.111.128.7 image/jpeg
1238607663.975 39 66.78.113.105 TCP_MISS/200 776 GET
http://www.shockwave.com/i/common/userBar/loginBkgTop.png -
DIRECT/204.245.162.18 image/png
1238607663.977 39 66.78.111.61 TCP_MISS/200 539 GET
http://live.nhl.com/data/scr21140.txt? - DIRECT/8.20.73.127 text/plain
1238607663.981 74 66.78.126.34 TCP_MISS/302 672 GET
http://76.13.218.11/imp? - DIRECT/76.13.218.11 -
1238607663.998 46 66.78.122.51 TCP_MISS/200 5305 GET
http://photos-c.ak.fbcdn.net/hphotos-ak-snc1/hs040.snc1/2672_613259522049_120814371_40777746_7186851_s.jpg
- DIRECT/96.17.72.153 image/jpeg
1238607664.000 75 66.78.122.169 TCP_MISS/200 1393 GET
http://as.casalemedia.com/j? - DIRECT/69.22.179.90 text/html
1238607664.013 42 66.78.122.51 TCP_MISS/200 5423 GET
http://photos-d.ak.fbcdn.net/hphotos-ak-snc1/hs040.snc1/2672_613259527039_120814371_40777747_751075_s.jpg
- DIRECT/96.17.72.112 image/jpeg
1238607664.026 52 66.78.112.152 TCP_MISS/200 8810 GET
http://www.allthepornstars.com/tgpx/thumbs/17006.jpg -
DIRECT/64.59.104.232 image/jpeg
1238607664.034 52 66.78.122.51 TCP_MISS/200 5095 GET
http://photos-d.ak.fbcdn.net/hphotos-ak-snc1/hs040.snc1/2672_613253534049_120814371_40777627_4512188_s.jpg
- DIRECT/96.17.72.97 image/jpeg
1238607664.034 31 66.78.122.51 TCP_MISS/200 2078 GET
http://photos-e.ak.fbcdn.net/hphotos-ak-snc1/hs031.snc1/2659_65427156458_590101458_2173412_4841922_t.jpg
- DIRECT/96.17.72.152 image/jpeg
1238607664.035 18 66.78.119.204 TCP_MISS/200 2327 GET
http://img4.catalog.video.msn.com/Image.aspx? - DIRECT/208.111.128.6
image/jpeg
1238607664.049 89 66.78.112.212 TCP_MISS/204 451 GET
http://g.microsoft.com/_0sfdata/1? - DIRECT/207.46.216.54 -
1238607664.062 53 66.78.111.135 TCP_MISS/200 387 GET
http://www.tagesschau.de/image/icon_uhrzeit_3165bd.gif -
DIRECT/204.245.162.16 image/gif
1238607664.075 24 66.78.122.51 TCP_MISS/200 3010 GET
http://photos-h.ak.fbcdn.net/photos-ak-sf2p/v644/98/77/505791930/t505791930_1745911_6863.jpg
- DIRECT/96.17.72.112 image/jpeg
1238607664.082 691 66.78.122.169 TCP_MISS/200 3914 GET
http://photos-f.ll.facebook.com/photos-ll-snc1/v376/249/18/1646506269/s1646506269_23973_6825.jpg
- DIRECT/208.111.128.6 image/jpeg
1238607664.084 20 66.78.122.51 TCP_MISS/200 2496 GET
http://photos-f.ak.fbcdn.net/hphotos-ak-snc1/hs023.snc1/2647_61581702382_500977382_1462477_5458310_t.jpg
- DIRECT/96.17.72.136 image/jpeg
1238607664.085 50 66.78.112.152 TCP_MISS/200 8354 GET
http://www.allthepornstars.com/tgpx/thumbs/17008.jpg -
DIRECT/64.59.104.232 image/jpeg
1238607664.086 39 66.78.125.181 TCP_MISS/200 1685 POST
http://cowow2.7821k.com/idle/821282179/18213 - DIRECT/38.99.158.108
application/x-fcs
1238607664.091 38 66.78.111.61 TCP_MISS/200 491 GET
http://live.nhl.com/data/clk21140.txt? - DIRECT/8.20.73.127 text/plain
1238607664.095 159 66.78.113.105 TCP_MISS/200 60821 GET
http://www.shockwave.com/i/dynamicLeads/fuelmom_dynamic_feature.jpg -
DIRECT/204.245.162.18 image/jpeg
1238607664.098 68 66.78.100.104 TCP_MISS/302 357 GET
http://ad.doubleclick.net/ad/N5043.microsoftnetwork/B3311296.89;sz=1x1;ord=167838136?
- DIRECT/74.125.242.25 -
1238607664.100 248 66.78.120.90 TCP_MISS/200 553 GET
http://88.208.23.7/underplayer_spot.html - DIRECT/88.208.23.7 text/html
1238607664.103 99 66.78.112.152 TCP_MISS/200 13267 GET
http://www.allthepornstars.com/tgpx/thumbs/17007.jpg -
DIRECT/64.59.104.232 image/jpeg
1238607664.109 24 66.78.117.104 TCP_MISS/200 3791 GET
http://www.cineplex.com/ecms.aspx/ea3dac5f-1c9e-479b-a3a9-f8cb7948241f/Trailers/coraline.jpg
- DIRECT/216.176.51.102 image/jpeg
-- =-=-=-=-=-=-=-=-=-=-=-=-= Jamie Orzechowski - CCNA RipNET Ltd. System/Network Administrator Tel.: 613-342-3946 x294 THIS MESSAGE IS INTENDED ONLY FOR THE ADDRESSEE, IT MAY CONTAIN PRIVILEGED OR CONFIDENTIAL INFORMATION. ANY UNAUTHORIZED DISCLOSURE IS STRICTLY PROHIBITED. IF YOU HAVE RECEIVED THIS MESSAGE IN ERROR, PLEASE NOTIFY ME IMMEDIATELY SO THAT I MAY CORRECT MY INTERNAL RECORDS. PLEASE THEN DELETE THE ORIGINAL MESSAGE. =-=-=-=-=-=-=-=-=-=-=-=-=Received on Wed Apr 01 2009 - 17:51:05 MDT
This archive was generated by hypermail 2.2.0 : Thu Apr 02 2009 - 12:00:02 MDT
