hello, i&#39;m korean so im sorry my english text written<div><br></div><div>my environment is the latest Centos and network doing bridge.</div><div>my option is already setted by using information on internet</div><div><br>
</div><div>my problem is that squid 2.7 setting &quot;--enable-linux-tproxy&quot; causes below warning..</div><div><br></div><div><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">---------------------------------------</span><span style="background-color:rgb(255,255,255);font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px">---------------------------------------</span></div>
<div><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">checking if Linux (Netfilter) kernel header files are installed... no </span><br style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">WARNING: Cannot find necessary Linux kernel (Netfilter) header files </span><br style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">         Linux Transparent Proxy support WILL NOT be enabled </span><br style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">checking if TPROXY header files are installed... no </span><br style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
</div><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">---------------------------------------</span>
<span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">---------------------------------------</span><div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif"><br>
</font><div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif">my wordering is that although tproxy is intergrated with latest kernel source, there is not ip_tproxy.h</font></div><div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif">i have known that ip_tproxy.h was provided from obsolete kernel source patch in &quot;<a href="http://balabit.com">balabit.com</a>&quot;</font></div>
<div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif"><br></font></div><div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif">but why do squid2.7 need ip_tproxy.h? </font></div><div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif">so, i downloaded ip_tproxy.h and compiled squid2.7 by using the ip_tproxy.h</font></div>
<div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif"><br></font></div><div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif">and i setted option </font><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">&quot;http_port 3128 tproxy&quot; in </span><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">squid.conf. </span></div>
<div><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">after compiling and setting, the squid is running but the tproxy doesn&#39;t work.</span></div><div><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif"><br>
</span></div><div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif">i setted iptables rules following below</font></div><div><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">-----------------------</span><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">-----------------------</span><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">-----------------------</span><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">----------</span></div>
<div><p class="MsoNormal"><span lang="EN-US" style="font-size:9.0pt;font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#222222;background:white">setsebool squid_connect_any=1</span><b><span lang="EN-US"></span></b></p>


<p class="MsoNormal"><span lang="EN-US">setsebool squid_use_tproxy=1 </span></p>

<p class="MsoNormal" align="left" style="text-align:left;line-height:12.0pt;background:#f0ece6;text-autospace:ideograph-other;word-break:keep-all"><span lang="EN-US" style="font-family:Courier">iptables -t mangle -N DIVERT</span></p>


<p class="MsoNormal" align="left" style="text-align:left;line-height:12.0pt;background:#f0ece6;text-autospace:ideograph-other;word-break:keep-all"><span lang="EN-US" style="font-family:Courier">iptables -t mangle -A DIVERT
-j MARK --set-mark 1</span></p>

<p class="MsoNormal" align="left" style="text-align:left;line-height:12.0pt;background:#f0ece6;text-autospace:ideograph-other;word-break:keep-all"><span lang="EN-US" style="font-family:Courier">iptables -t mangle -A DIVERT
-j ACCEPT</span></p>

<pre style="line-height:12.0pt;background:#f0ece6"><span lang="EN-US" style="font-size:10pt;font-family:Courier">iptables  -t mangle -A PREROUTING -p tcp -m socket -j DIVERT</span></pre><pre style="line-height:12.0pt;background:#f0ece6">
<span lang="EN-US" style="font-size:10pt;font-family:Courier">iptables  -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3128</span></pre></div><div><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">-----------------------</span><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">-----------------------</span><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">-----------------------</span><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif">----------</span>
</div><div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif"><br></font></div><div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif">i must use tproxy in squid 2.7 environment.</font></div><div><font face="Verdana, Geneva, Helvetica, Arial, sans-serif">could you help me? please..</font></div>
<div><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><br></span></div><div><span style="font-family:Verdana,Geneva,Helvetica,Arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><br>
</span></div></div>