Re: [squid-users] TPROXY Squid Error.

Ok. Good so far. I saw you opened another email about this. Please
keep related discussions in one single thread. We had similar TProxy
issues around 7-8 days ago. From your emails, it seems you are
running CentOS 6.5, just like we are. The difference is that you are
using Squid 3.1 which is available in CentOS yum. We installed the
same on our CentOS, and confirmed that Squid 3.1 is working with
TProxy. So, I think this is a routing / iptables issue.

In that email, you mentioned that Squid is receiving the packets? How
are you determining this?

Also, can you enable:
debug_options ALL,1 89,9 17,3
in your squid.conf? This will print a bunch of debug messages in
cache.log when you try to browse through proxy.

Also, before you start browsing, run this command:
tcpdump -n -nn -e -i any dst port 80
That should allow you to see some packet header data.

Now, try to browse from client, and pastebin the output of both
cache.log & tcpdump.

Regards
HASSAN

On Tue, Jul 8, 2014 at 4:54 PM, Info OoDoO <info_at_oodoo.co.in> wrote:
> Thanks Hassan,
> Yes I have the following settings done.
>
> Please see the details in the pastebin
>
> http://pastebin.com/YzKDSV7J --> Find Results.
>
> http://pastebin.com/XhZYiDxm -->sysctl.conf
>
> Thanks,
> Ganesh J
>
>
> On Tue, Jul 8, 2014 at 2:29 PM, Nyamul Hassan <nyamul_at_gmail.com> wrote:
>> tcpdump shows traffic flowing both ways, which is good. We also need
>> to have the following settings:
>>
>> # sysctl.conf
>> net.ipv4.ip_forward = 1
>> net.ipv4.conf.default.rp_filter = 0
>> net.ipv4.conf.all.rp_filter = 0
>> net.ipv4.conf.eth0.rp_filter = 0
>> net.ipv4.conf.eth1.rp_filter = 0
>>
>> The last two lines are for my specific system where I have two NICs.
>> Feel free to modify on your own. After changing the file running
>> "sysctl -p" usually works. To check if it did, please run the
>> following commands:
>>
>> find /proc/sys/net/ipv4/ -iname rp_filter
>> find /proc/sys/net/ipv4/ -iname rp_filter -exec cat {} +
>>
>> The first shows all the rp_filter in your system.
>> The second shows if they are indeed set to 0 as needed.
>>
>> Please do a pastebin for both sysctl.conf and the outputs of the find commands.
>>
>> Regards
>> HASSAN
>>
>>
>> On Tue, Jul 8, 2014 at 2:34 PM, Info OoDoO <info_at_oodoo.co.in> wrote:
>>> Thanks Hassan,
>>>
>>> I have covered all the steps except the WCCP Configuration, Coz i dont
>>> use WCCP Router. I tried discovering for Routing loop and was unable
>>> to find any, Could you please help me How to Find a Routing loop.
>>>
>>> Here is my Squid Conf and my TCPdump sample.
>>>
>>> http://pastebin.com/aJskfywx --> TCPdump
>>> http://pastebin.com/b9u24rEC --> Squid Conf
>>>
>>> Thanks,
>>> Ganesh J
>>>
>>>
>>> On Tue, Jul 8, 2014 at 2:55 AM, Nyamul Hassan <nyamul_at_gmail.com> wrote:
>>>> Did you check the possibility of a routing loop as described in the
>>>> troubleshooting section of the TProxy wiki page? In fact, can you
>>>> check that you have covered all the steps mentioned in that section?
>>>>
>>>> Regards
>>>> HASSAN
>>>>
>>>> On Tue, Jul 8, 2014 at 2:37 AM, Info OoDoO <info_at_oodoo.co.in> wrote:
>>>>> Thanks Hassan,
>>>>>
>>>>> Now the request are passing through Squid but Failing with "110
>>>>> Connection Timed Out" Error.
>>>>>
>>>>> When I use transparent Mode its working fine. Any Idea..!!
>>>>>
>>>>> Thanks,
>>>>> Ganesh J
>>>>> Thanks,
>>>>> OodoO Fiber,
>>>>> +91 8940808080
>>>>> www.oodoo.co.in
>>>>>
>>>>>
>>>>> On Tue, Jul 8, 2014 at 1:16 AM, Nyamul Hassan <nyamul_at_gmail.com> wrote:
>>>>>> Hi Ganesh,
>>>>>>
>>>>>> In your "basic data" pastebin, seems like the "ip rule" and "ip route"
>>>>>> rules are missing.
>>>>>>
>>>>>> Please see if running the following commands helps the situation:
>>>>>> * echo 100 squidtproxy >> /etc/iproute2/rt_tables
>>>>>> * ip rule add fwmark 1 lookup 100
>>>>>> * ip route add local default dev lo table 100
>>>>>>
>>>>>> Regards
>>>>>> HASSAN
>>>>>>
>>>>>>
>>>>>> On Tue, Jul 8, 2014 at 1:15 AM, Nyamul Hassan <nyamul_at_gmail.com> wrote:
>>>>>>> Can you also pastebin your squid.conf?
>>>>>>>
>>>>>>> Regards
>>>>>>> HASSAN
>>>>>>>
>>>>>>> On Tue, Jul 8, 2014 at 12:53 AM, collect oodoo <collect_at_oodoo.co.in> wrote:
>>>>>>>> I have configured squid with the options in the below paste ..
>>>>>>>> http://pastebin.com/jFhzd3qj
>>>>>>>> I packets are being forwarded from the cache box to internet and i'm
>>>>>>>> able to see the Client Public address instaed of squid Box Public
>>>>>>>> Address..
>>>>>>>> the Issue here is the requests are not being forwarded by or through Squid..
>>>>>>>> I'm unable to view any log for the request on access.log.
>>>>>>>> If i use the same squid in transparent mode then I'm able to view the
>>>>>>>> requests forwarded and logged on access.log but it shows Squid Box
>>>>>>>> Public IP address.
>>>>>>>> Can some body Help me on this..
>>>>>>>> My basic Data of Machine is
>>>>>>>>
>>>>>>>> http://pastebin.com/TdnhnJtx
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> Ganesh J
Received on Tue Jul 08 2014 - 17:15:21 MDT