Hi,
I have the following problem while trying to setup a squid in tproxy
mode for a centralized solution. Our topology is:
client -> R1 -> squid -> R1 -> Internet
Note that server uses a public ip address which is the same for incoming
and outgoing connections
I am using squid 3.2.6 [tried3.2.7 without luck] in Debian Wheezy with
linux kernel 3.2 and iptables 1.4.14
Squid.conf
-- workers 1 debug_options ALL,4 client_db off http_port 80 tproxy http_port 8080 icp_port 0 iptables --- iptables -t mangle -F iptables -t mangle -N DIVERT iptables -t mangle -A DIVERT -i lo -j ACCEPT iptables -t mangle -A DIVERT -j MARK --set-mark 1 iptables -t mangle -A DIVERT -j ACCEPT iptables -t mangle -A PREROUTING -s <server_ip_address> -j ACCEPT iptables -t mangle -A PREROUTING -i lo -j ACCEPT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-ip 127.0.0.1 --on-port 80 Do I have to use WCCP on the router standing between theproxy andthe internet?? I cannot route the packets from the proxy tothe edge router while I can see incoming http packets from the clients. All incoming connection timeout while waiting for the reply from destination serverReceived on Tue Feb 05 2013 - 12:02:59 MST
This archive was generated by hypermail 2.2.0 : Tue Feb 05 2013 - 12:00:03 MST