On Sun, 4 Oct 2009 18:34:11 +0700, johan firdianto <johanfirdi_at_gmail.com>
wrote:
> dear guys,
>
> anybody here has experience implement tproxy 4 ( based on patch comes
> from visolve.com) on squid 2.7 stable 6?.
> here my configure option
> '--prefix=/usr/local/squid-tproxy' '--enable-gnuregex' '--enable-carp'
> '--with-pthreads' '--with-aio' '--with-dl' '--enable-useragent-log'
> '--enable-referer-log' '--enable-htcp' '--enable-arp-acl'
> '--enable-cache-digests' '--enable-truncate' '--enable-stacktraces'
> '--enable-x-accelerator-vary'
> '--enable-basic-auth-helpers=MSNT,NCSA,YP,getpwnam'
> '--enable-external-acl-helpers=ip_user,unix_group,wbinfo_group'
> '--enable-removal-policies=lru,heap' '--enable-auth=basic,ntlm'
> '--disable-ident-lookups' '--enable-follow-x-forwarded-for'
> '--enable-large-cache-files' '--enable-async-io'
> '--with-maxfd=2048000' '--enable-linux-tproxy' '--enable-epoll'
> '--enable-snmp' '--enable-removal-policies=heap,lru'
> '--enable-storeio=aufs,coss,diskd,null,ufs' '--enable-ssl'
> '--with-openssl=/usr/kerberos' '--disable-dependency-tracking'
> '--with-large-files' '--enable-default-hostsfile=/etc/hosts'
>
> I already put http_port tproxy transparent in squid.conf, and also put
> IP of squid at tcp_outgoing_address option.
> no error in compiling squid, but when I dump the packet, the squid /
> linux doesn't spoof the IP. It use the squid box IP address rathern
> than client IP address.
> I still can browse normally, but the system doesn't spoof the IP.
> When I use tproxy4 on squid 3.1, it works.
> any clue ?
We don't support patched Squid sorry.
Check libcap-dev or libcap2-dev are present during build (Squid-2 does not
warn when missing).
TPROXY4 does not work with tcp_outgoing_addr or the transparent option. Try
without those, then if it still does not work contact visolve.
Amos
Received on Sun Oct 04 2009 - 21:04:28 MDT
This archive was generated by hypermail 2.2.0 : Mon Oct 05 2009 - 12:00:02 MDT