[tproxy] squid+tproxy+bridge for transparent proxying
KOVACS Krisztian
hidden@balabit.hu
Fri, 14 Jan 2005 16:49:36 +0100
Hi,
2005-01-14, p keltezéssel 12.13-kor Eskay Lee ezt írta:
> I setup linux+bridge+squid+tproxy to see the client IP address on Web
> server.
> As the manuals, I configured all the patches and parameters.
> In squid.conf, I did "linux_tproxy on" but I don't know how to set
> "tcp_outgoing _address".
> My squid box is a just bridge not Gateway.
> Please let me know How to set "tcp_outgoing_address" on bridge mode.
> Also I put the one IP address, i.e, 10..1.1.100 as tcp_outgoing_address, web
> server is 10.1.1.120.
>
> Then If I browse the URL on Web server, I got the error like followings:
> ERROR
> The requested URL could not be retrieved
> . Socket Failure
> (99) Cannot assign requested address
>
> How can I solve this problem?
Did you follow the steps outlined in
http://www.sanog.org/resources/sanog4-devdas-transproxy.pdf ? BTW, I've
never seen this document before, but looks interesting for sure.
Please note that the Squid patch for tproxy support mentioned on the
page above is completely independent from BalaBit and the authors of the
tproxy patch, and was kindly contributed by Gianni Tedesco and James
MacLean. I'm not really sure, but I'd say that in your case bind() fails
because you did not have any interfaces configured with 10.1.1.100. Try
creating a dummy interface (dummy0), and adding the address 10.1.1.100
to that interface.
> Also Can I use some gzip compression mode on Squid ?
I must admit that I don't really know Squid, so probably I'm not the
right person to ask. Have you already tried the Squid documentation, or
the Squid users mailing list?
--
Regards,
Krisztian Kovacs