Fwd: [squid-users] Squid + Tproxy + Bridge on Kernel 2.6.34 - Workaround
FYI - -------- Original Message -------- Subject: [squid-users] Squid + Tproxy + Bridge on Kernel 2.6.34 - Workaround Date: Wed, 26 May 2010 09:51:39 +0530 From: senthilkumaar2021 <senthilkumaar2021@gmail.com> To: squid-users@squid-cache.org CC: netfilter@vger.kernel.org Hi, Squid + Tproxy + Bridge Setup on latest kernel - version 2.6.34 I had followed all the steps that had given in the http://wiki.squid-cache.org/Features/Tproxy4 Kernel - 2.6.34 iptable - 1.4.8 ebtable - 2.0.9-1 But clients were unable to browse and no errors in cache.log. Error - Network Unreachable. The error had returned by browser not squid proxy. Workaround :- After adding the following rules, clients are able to browse. # ip rule add dev<device name> fwmark 1 lookup 100 example # ip rule add dev eth0 fwmark 1 lookup 100 NOTE : Repeat the above for each interface except " lo " Source -https://lists.balabit.hu/pipermail/tproxy/2010-January/001212.html Based on the above source this issue had identified on kernel version - 2.6.32. But still not yet fixed. I have CC ed this mail to netfilter mailing lists also. Hope this helps Thanks, Senthil
hey, what squid version are you using 2.7 or 3.1. if 3.1 then will this workaround will work for 2.7 as well ? thanks and regards ----------------------------------------
Date: Wed, 26 May 2010 10:08:22 +0530 From: vivek@visolve.com To: tproxy@lists.balabit.hu Subject: [tproxy] Fwd: [squid-users] Squid + Tproxy + Bridge on Kernel 2.6.34 - Workaround
FYI -
-------- Original Message -------- Subject: [squid-users] Squid + Tproxy + Bridge on Kernel 2.6.34 - Workaround Date: Wed, 26 May 2010 09:51:39 +0530 From: senthilkumaar2021 To: squid-users@squid-cache.org CC: netfilter@vger.kernel.org
Hi,
Squid + Tproxy + Bridge Setup on latest kernel - version 2.6.34
I had followed all the steps that had given in the http://wiki.squid-cache.org/Features/Tproxy4
Kernel - 2.6.34 iptable - 1.4.8 ebtable - 2.0.9-1
But clients were unable to browse and no errors in cache.log. Error - Network Unreachable. The error had returned by browser not squid proxy.
Workaround :-
After adding the following rules, clients are able to browse.
# ip rule add dev fwmark 1 lookup 100
example
# ip rule add dev eth0 fwmark 1 lookup 100
NOTE : Repeat the above for each interface except " lo "
Source -https://lists.balabit.hu/pipermail/tproxy/2010-January/001212.html
Based on the above source this issue had identified on kernel version - 2.6.32. But still not yet fixed.
I have CC ed this mail to netfilter mailing lists also.
Hope this helps
Thanks, Senthil
_______________________________________________ tproxy mailing list tproxy@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/tproxy
_________________________________________________________________ http://clk.atdmt.com/UKM/go/197222280/direct/01/ Do you have a story that started on Hotmail? Tell us now
Hi All, Thanks for the reply We have used squid2.7stable6 with tproxy4 patch from visolve Here is the link for patch http://www.visolve.com/squid/Squid-2.7-Tproxy-4.patch.gz Regards senthil On Wed, May 26, 2010 at 3:07 PM, sameer khan <khanzadap@hotmail.com> wrote:
hey,
what squid version are you using 2.7 or 3.1. if 3.1 then will this workaround will work for 2.7 as well ?
thanks and regards
----------------------------------------
Date: Wed, 26 May 2010 10:08:22 +0530 From: vivek@visolve.com To: tproxy@lists.balabit.hu Subject: [tproxy] Fwd: [squid-users] Squid + Tproxy + Bridge on Kernel 2.6.34 - Workaround
FYI -
-------- Original Message -------- Subject: [squid-users] Squid + Tproxy + Bridge on Kernel 2.6.34 - Workaround Date: Wed, 26 May 2010 09:51:39 +0530 From: senthilkumaar2021 To: squid-users@squid-cache.org CC: netfilter@vger.kernel.org
Hi,
Squid + Tproxy + Bridge Setup on latest kernel - version 2.6.34
I had followed all the steps that had given in the http://wiki.squid-cache.org/Features/Tproxy4
Kernel - 2.6.34 iptable - 1.4.8 ebtable - 2.0.9-1
But clients were unable to browse and no errors in cache.log. Error - Network Unreachable. The error had returned by browser not squid proxy.
Workaround :-
After adding the following rules, clients are able to browse.
# ip rule add dev fwmark 1 lookup 100
example
# ip rule add dev eth0 fwmark 1 lookup 100
NOTE : Repeat the above for each interface except " lo "
Source - https://lists.balabit.hu/pipermail/tproxy/2010-January/001212.html
Based on the above source this issue had identified on kernel version - 2.6.32. But still not yet fixed.
I have CC ed this mail to netfilter mailing lists also.
Hope this helps
Thanks, Senthil
_______________________________________________ tproxy mailing list tproxy@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/tproxy
_________________________________________________________________ http://clk.atdmt.com/UKM/go/197222280/direct/01/ Do you have a story that started on Hotmail? Tell us now _______________________________________________ tproxy mailing list tproxy@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/tproxy
participants (3)
-
sameer khan
-
senthil kumar
-
Vivek