[squid-users] Problems with transparancy and pf from Leslie Jensen on 2011-03-29 (squid-users)

From: Leslie Jensen <leslie_at_eskk.nu>
Date: Tue, 29 Mar 2011 12:02:38 +0200

Hello list.

I've used squid together with pf for a while on a Freebsd 7.2-RELEASE
machine.

I've now installed Freebsd 8.2-RELEASE on new hardware and I'm using my
config from the 7.2 machine.

My problem is that squid is not working with transparency. The browser
traffic goes directly to the Internet.

Setting proxy in the browser works, so I believe squid is ok.

My question is about which build options I must use?

I've used the following:
SQUID_KERB_AUTH X (ON)
SQUID_NIS_AUTH X (ON)
SQUID_IPV6 (Default) X (ON)

SQUID_DELAY_POOLS X (ON)
SQUID_SNMP X (ON)
SQUID_HTCP (CARP?) X (ON)
SQUID_WCCP X (ON)
SQUID_IDENT (OFF)
SQUID_IPFW X (ON)
SQUID_PF X (ON)
SQUID_AUFS (Default) X (ON)
SQUID_KQUEUE X (ON)

Then I found this
https://wiki.andrewmercer.net/index.php/Squid_-_Transparent_Proxy

Where he suggests that even
SQUID_IPFILTER X (ON)

Should be activated.

I recompiled Squid3.1 with the above and now I get an error which I can
understand because I do not have IPFilter installed/active.

____________________________________

2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open
failed: (2) No such file or directory
2011/03/29 11:14:44| IpIntercept.cc(250) IpfInterception: NAT open
failed: (2) No such file or directory
_____________________________________

So when only pf is used, must I compile squid with IPFILTER and IPFW ?

Thanks

/Leslie
Received on Tue Mar 29 2011 - 10:02:38 MDT

This archive was generated by hypermail 2.2.0 : Tue Mar 29 2011 - 12:00:02 MDT