On 13/06/2014 2:30 a.m., Antony Stone wrote:
> On Thursday 12 June 2014 at 16:26:19, Дмитрий Шиленко wrote:
>
>> in /var/log/squid/cache.log i find: "kid1| WARNING: Forwarding loop
>> detected for:"
>
> That was probably due to my suggestion of redirecting to 192.168.0.97 instead
> of 127.0.0.1
>
> You may as well put that back to what it was, and at least get rid of the new
> problem :)
You are probably right that that is because of the IP change in the
rules. But actually in a good way.
locahost and its IP 127.0.0.1 are a bit special in many ways. One of
those ways is that NAT is not capable of setting the localhost address
on a global scope packet, or a global IP on a lo interface packet.
I've seen NAT fail silently when NATing to/from 127.0.0.1 incorrectly.
The forwarding loop error message means the traffic has successfully
entered and *exited* Squid at least once.
>
>> help me out guys =(
>
> Has anyone else got more experience than me of transparent interception, and
> can see what might be the problem here?
>
I believe the NAT rule needs two changes:
1) use 192.168.0.97 in place of the 127.0.0.1 as earlier suggested.
2) prevent traffic *from* 192.168.0.97 being NATed - it is Squid's
outbound traffic.
Amos
Received on Thu Jun 12 2014 - 20:32:13 MDT
This archive was generated by hypermail 2.2.0 : Fri Jun 13 2014 - 12:00:06 MDT