Hi Amos,
First, sorry for the double post -- my email seemed to be having
issues yesterday.
As to my issue: What steps can I do to try and validate that this is
Squid or not? When I remove the following iptables entry and bypass
Squid I can capture tcpdump traffic on the proxy machine and see no
TCP reassemblies. Leaving the rules in place and passing traffic
through Squid begins to show TCP reassemblies again and my application
no longer works.
-A PREROUTING -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128
--on-ip 0.0.0.0 --tproxy-mark 0x1/0x1
-A DIVERT -j MARK --set-xmark 0x1/0xffffffff
I've been using my setup for a few years without issue and have never
had an application fail to work prior to this. However when the
application fails when routing traffic through Squid yet works when I
bypass Squid, I'm not sure what else to blame or where else to look.
Thanks,
Matt Goff
On Sat, Dec 14, 2013 at 5:16 AM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On 14/12/2013 2:16 p.m., Matthew Goff wrote:
>> Hi,
>>
>> I am running Squid 3.1.20 in transparent mode on a Debian machine
>> configured as a bridge. I discovered that I'm having an issue with out
>> of sequence packets as an application I use on one of my client
>> machines is unable to gracefully handle the out of sequence packets.
>>
>> When I bypass Squid via iptables the out of sequence packet issue to
>> the client is resolved and the application functions properly.
>>
>> I tried playing with disable-pmtu-discovery which made no change and I
>> wasn't sure where I should be looking next.
>>
>> Thanks for any assistance.
>>
>> Matt Goff
>>
>
> I doubt this is Squid in particular causing this. Squid just uses the
> operating system read()/write() syscalls to send and receive traffic.
>
> Amos
>
Received on Sat Dec 14 2013 - 15:59:07 MST
This archive was generated by hypermail 2.2.0 : Sun Dec 15 2013 - 12:00:05 MST