RE: [squid-users] regarding squid with tproxy wccp

From: John Lauro <john.lauro_at_covenanteyes.com>
Date: Thu, 11 Feb 2010 07:34:49 -0500

What kernel version? I have not been able to get bridging and tproxy to
work with any kernel > 2.6.29.6.

> -----Original Message-----
> From: senthil [mailto:senthilkumaar2021_at_gmail.com]
> Sent: Thursday, February 11, 2010 12:18 AM
> To: squid-users_at_squid-cache.org
> Subject: [squid-users] regarding squid with tproxy wccp
>
> HI
>
> I have installed Tproxy 4 .
>
> I have done all the prerequisites like compiling kernel and installing
> iptables 1.4 etc
>
> When i create Bridge i cant able to browse in private ip
>
> My network :
>
> Internet ---> (eth1)squid machine(eth0)------>test client
>
> eth1 -public ip
>
> eth0 and test client ip ---->private in 172 series
>
> But i able to browse in public ip and access is seen in log of squid
>
> I follwed document of //wiki.squid-cache.org/Features/Tproxy4
> <http://wiki.squid-cache.org/Features/Tproxy4>
>
> My iptable and ebtable rules:
>
> iptables -t mangle -N DIVERT
> iptables -t mangle -A DIVERT -j MARK --set-mark 1
>
> iptables -t mangle -A DIVERT -j ACCEPT
>
> iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
>
> iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY
> --tproxy-mark 0x1/0x1 --on-port 3128
>
> ebtables -t broute -A BROUTING -i eth0 -p ipv4 --ip-proto tcp
> --ip-dport 80 -j redirect --redirect-target DROP
>
> ebtables -t broute -A BROUTING -i eth1 -p ipv4 --ip-proto tcp
> --ip-sport 80 -j redirect --redirect-target DROP
>
>
> ip rule add fwmark 1 lookup 100
> ip route add local 0.0.0.0/0 <http://0.0.0.0/0> dev lo table 100
>
> echo 0 > /proc/sys/net/ipv4/conf/lo/rp_
> filter echo 1 > /proc/sys/net/ipv4/ip_forward
>
> set net.ipv4.forwarding = 1
> Please help me .Thanks in Advance
>
> Regards
> senthilkumar
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 8.5.435 / Virus Database: 271.1.1/2680 - Release Date:
> 02/10/10 19:38:00
Received on Thu Feb 11 2010 - 12:35:02 MST

This archive was generated by hypermail 2.2.0 : Thu Feb 11 2010 - 12:00:04 MST