On 1/12/2011 12:35 a.m., Nguyen Hai Nam wrote:
> Hi,
>
> I've just installed Squid 3.2 on OpenIndiana 151a server. I have to
> build squid 3.2 because I can't build squid 3.1.
>
> I decide to install transparent/interception proxy:
>
> # ./configure --prefix=/usr/squid --enable-ipf-transparent
>
> # make
>
> # make install
>
> Modify in squid.conf with these settings
>
> http_port 3129 intercept
>
> and start squid:
>
> # /usr/squid/sbin/squid
>
> Squid listen to tcp port 3129 as well (checked via netstat command)
>
> Next phase, I start ipfilter service and add redirect direction to
> squid port
>
> rdr iprb0 0.0.0.0/0 port 80 -> 10.2.176.31 port 3129 tcp
>
> Then test it, but can't open any web page. Check IPfilter with ipnat
> -l command, and everthing was redirected as well; then check squid.
>
> By add proxy setting on browser's Network connections to squid IP and
> port, but can't open anything too.
>
> I've spent hours to google but still have no clue about this kind. If
> anyone has idea please let me know; I highly appreciate.
>
> Thanks,
> Neddie
NP: the whole NAT system underwent an upgrade in 3.1. Portions of it
have not had much testing yet because nobody with non-Linux seems
interested or able to assist with the deep investigations needed.
For starters, I need to know how the IPs can be retrieved by Squid from
the NAT data. The current IPF implementation uses ioctl() APIs in the
kernel.
Amos
Received on Wed Nov 30 2011 - 12:38:27 MST
This archive was generated by hypermail 2.2.0 : Wed Nov 30 2011 - 12:00:03 MST