Re: [squid-users] squid 3.1.0.15, TPROXY; cache.log empty from Amos Jeffries on 2010-02-23 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 24 Feb 2010 14:53:48 +1300

On Tue, 23 Feb 2010 14:26:38 -0600, Rhino <rhino_at_machlink.com> wrote:
> my system:
> Squid 3.1.0.15 (run/installed as "squid3")
> WCCP v2 HASH (Cisco switch)
> centOS 5.4 kernel 2.6.30.10 w/TPROXY enabled
> iptables v1.4.4
>
> WCCP established between squid and switch.
> TPROXY iptables rules set to forward tcp port 80 to 3128
>
> From a client on a separate test subnet can browse internet via squid
> server (TCPDUMP of squid interface shows the client http traffic being
> served via internet); however there are zero entries in access.log
> When WCCP is turned off on the switch, the client requests no longer are

> visible via TCPDUMP.
> Squid starts, runs as you would expect it to, no visible errors.
> If WCCP is working, the IPTABLES TPROXY rules appear to be working - as
> the client IP is revealed at numerous IP verification websites - then I

> am led to believe I've botched my squid config somehow; though when
> previously tested in intercept only (no TPROXY rules, just NAT and port
> 80 redirect) access.log populated with the client requests.
>
> No doubt something pretty basic that I must have overlooked, but for the

> life of me not seeing what it may be.
> Any thoughts?
> Including the cache.log debug below
> thanks
> -Ryan
>
> [root_at_proxy squid3]# squid -X start
<snip>
> 2010/02/23 13:55:35.035| Processing: 'http_port 10.10.1.10:3128 tproxy '
> 2010/02/23 13:55:35.035| http(s)_port: Listen on Host/IP: 10.10.1.10 -->

> 10.10.1.10:3128
> 2010/02/23 13:55:35.035| Starting IP Spoofing on port 10.10.1.10:3128
> 2010/02/23 13:55:35.035| Disabling Authentication on port
> 10.10.1.10:3128 (IP spoofing enabled)
> 2010/02/23 13:55:35.035| Detect TPROXY support on port 10.10.1.10:3128
> 2010/02/23 13:55:35.035| ...Probing for IPv4 TPROXY support.
> 2010/02/23 13:55:35.035| IPv4 TPROXY support detected. Using.
<snip>

Well that seems to be working.

Now you need to track down whats happening to a request which should be
using it.

Amos
Received on Wed Feb 24 2010 - 01:53:50 MST

This archive was generated by hypermail 2.2.0 : Wed Feb 24 2010 - 12:00:06 MST