Hi
I have set up Squid + TPROXY in bridge mode. The bridge works fine for the
clients in the same subnet.
If we connect clients in a different subnet, the requests get to Squid
and Squid cannot reply. Each subnet has a different gateway.
Internet-----router------squid(bridge)-----Router-------client
In the access log we can see TCP/MISS 504.
I can ping all the subnet client IPs from Squid.
If I add route add -net <Network ip of subnets> dev br0, the traffic of
other subnets does not get redirected to Squid.
/usr/local/sbin/iptables -t mangle -N DIVERT
/usr/local/sbin/iptables -t mangle -A DIVERT -j MARK --set-mark 1
/usr/local/sbin/iptables -t mangle -A DIVERT -j ACCEPT
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3128
Ebtables rules for redirecting:
ebtables -t broute -I BROUTING --ip-source <ip> -i eth0 -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP
ebtables -t broute -I BROUTING --ip-source <ip> -i eth1 -p ipv4 --ip-proto tcp --ip-sport 80 -j redirect --redirect-target DROP
Please advise me.
Thanks
Senthil
Received on Thu Aug 12 2010 - 09:30:31 MDT