Angelo Compagnucci wrote:
> Hi List,
>
> I'll try to understand what's not working in my setup.
> I'm trying to configure tproxy on an lan but I cannot get it working.
> I'll try to explain better.
>
> My setup is resumed in the following scheme:
>
> LAN --> TRPOXY + BRIDGE + SQUID --> Default gateway.
>
> I'm working on Ubuntu 9.10 with Squid 3.. Squid and tproxy are
> correctly configured because I can read
> "Accepting spoofing http connections at ..."
> in chache.log.
Ubuntu 9.10 does not with TPROXY enabled version of Squid.
How and where did you get yours?
>
> The configuration I set up is described at the page
> http://wiki.squid-cache.org/Features/Tproxy4.
>
> This is the script i use to configure everithing:
>
> CLIENT_IFACE=eth0
> INET_IFACE=eth1
>
> ifconfig $CLIENT_IFACE down
> ifconfig $INET_IFACE down
> ifconfig $CLIENT_IFACE 0.0.0.0 up
> ifconfig $INET_IFACE 0.0.0.0 up
>
> brctl addbr br0
> brctl addif br0 $CLIENT_IFACE
> brctl addif br0 $INET_IFACE
> brctl stp br0 off
>
> dhclient br0
>
> ip rule add fwmark 1 lookup 100
> ip route add local 0.0.0.0/0 dev lo table 100
> echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
Does changing the /lo/rp_filter above to /all/rp_filter change things?
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.7 Beta testers wanted for 3.2.0.2Received on Sat Sep 04 2010 - 03:00:54 MDT
This archive was generated by hypermail 2.2.0 : Sat Sep 04 2010 - 12:00:02 MDT