[tproxy] Iptables rules
Laszlo Attila Toth
panther at balabit.hu
Tue Jun 3 14:04:27 CEST 2008
Ritter, Nicholas wrote:
> What exactly are the redirection rules for wccp/iptables 1.4/squid
> 2.6/tproxy look like? I have browsed the Internet plus messed with it
> for a while now and found that the README rules don't fully work, and
Could you tell, what is the problem with the rules in README? That is
for TProxy 4.1. In fact, Squid-2.6 doesn't spoof the client's IP but it
works with TProxy.
Only Squid version 3.1 has full TProxy 4.1 support.
For cttproxy2 propably this is a good article:
http://web.suffieldacademy.org/ils/netadmin/docs/software/squid/
> the examples on the Internet don't fully work.
>
> Symptomatically, I see the router redirecting via the GRE tunnel, the
> squid box sees the gre packets (2.6 kernel), but ifconfig does not show
> the GRE interface counters incrementing, and the squid service run in
> debug mode shows no transactions. Something is wrong with either my
> iptables rules or my GRE tunnel setup. I don't think it is the GRE
> tunnel because I set it up the same exact was as I did the non-tproxy
> squid boxes that I have in the same setup which are working.
>
> Any help would be a appreciated. I can provide my rule setup, etc. if
> needed. My knowledge and direct interaction is limited with iptables,
> which is one more reason why I think the problem is there. BTW - my
> system log does show the tproxy module loading.
>
> Nick
--
Panther
More information about the tproxy
mailing list