On Wed, 2008-12-03 at 23:16 -0300, Eduardo Schoedler wrote:
Hello Balazs!
I've compiled kernel-2.6.26-7 and applied the patch in the site.
# dmesg | grep TPROXY NF_TPROXY: Transparent proxy support initialized, version 4.1.0 NF_TPROXY: Copyright (c) 2006-2007 BalaBit IT Ltd.
For iptables, I've used the 1.4.0 sources... it's working ok, I guess. =)
But the Squid is a little bit strange. I've compiled 3.HEAD (20081121), with that have support for tproxy.
# ./configure --prefix=/opt/squid \ --sysconfdir=/etc/squid \ --with-default-user=squid \ --enable-icmp \ --disable-auth \ --enable-removal-policies="lru,heap" \ --disable-digest-auth-helpers \ --disable-basic-auth-helpers \ --disable-external-acl-helpers \ --disable-ntlm-auth-helpers \ --disable-negotiate-auth-helpers \ --enable-useragent-log \ --enable-cache-digests \ --enable-delay-pools \ --enable-referer-log \ --enable-arp-acl \ --with-large-files \ --with-filedescriptors=16384 \ --enable-storeio=ufs,diskd,aufs \ --enable-linux-netfilter
My squid.conf (like the tproxy readme): http_port 50080 tproxy transparent
The strange thing is when I'm trying to create swap directories. See:
# ./squid -z 2008/12/03 23:07:10| http(s)_port: TPROXY option requires its own interception port. It cannot be shared. FATAL: Bungled squid.conf line 992: http_port 50080 tproxy transparent Squid Cache (Version 3.HEAD-20081121): Terminated abnormally. CPU Usage: 0.004 seconds = 0.000 user + 0.004 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 0
I don't understand why of this problem. No one process is using that port.
What can I do ?
Thanks!
Well since I haven't used squid myself, you should ask this question on the squid mailing list. The only relevant info I've found is: http://wiki.squid-cache.org/Features/Tproxy4 This says that you need to use: http_port 3129 tproxy But judging the error message above, it says that you are using 50080 port for other purposes in the same squid.conf. Try to dedicate a port for tproxy. -- Bazsi