Hi,<br><br>I tried to run squid 3.1 with tproxy in bridge mode, but I just receive a Connection timed out. access.log shows these entries:<br><br>1249010814.562 11319 187.0.xxx.xxx TCP_MISS/000 0 GET <a href="http://teklimbu.wordpress.com/2007/10/11/running-a-transparent-linux-squid-bridge/">http://teklimbu.wordpress.com/2007/10/11/running-a-transparent-linux-squid-bridge/</a> - DIRECT/teklimbu.wordpress.com<br>
1249010999.257 182407 187.0.xxx.xxx TCP_MISS/504 4146 GET <a href="http://teklimbu.wordpress.com/2007/10/11/running-a-transparent-linux-squid-bridge/">http://teklimbu.wordpress.com/2007/10/11/running-a-transparent-linux-squid-bridge/</a> - DIRECT/72.233.2.59 text/html<br>
<br>These entries were transparently redirected to Squid, but after a long time Squid returns an error page (110 connection timed out).<br><br>I tried many ways, and nothing! The actual configuration is:<br>eth0(Internet) <br>
eth1(intranet)<br>br0 - bridge with eth0 and eth1<br>kernel 2.6.30.3<br><br>ebtables -t broute -A BROUTING -i eth0 -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP<br><br>iptables -t mangle -N DIVERT<br>
iptables -t mangle -A DIVERT -j MARK --set-mark 1<br>iptables -t mangle -A DIVERT -j ACCEPT<br>iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT<br>iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129<br>
ip rule add fwmark 1 lookup 100<br>ip route add local 0.0.0.0/0 dev lo table 100<br><br>I already tried:<br>cd /proc/sys/net/bridge<br>for i in *; do echo 0 > $i; done<br><br>Does anyone have an idea?<br>
<br>Thanks,<br><br>Tiago Resende<br>