[tproxy] tproxy + squid 3 + kernel 2.6.25 + iptables 1.4.0

Nataniel Klug nata at cnett.com.br
Wed Jun 18 20:07:44 CEST 2008 

    Hello guys,

    I am having serius problems on putting this system to run. My system is:

CentOS v5.1 (like Red Hat Enterprises)

Kernel 2.6.25 - compiled with this patches:
- 
http://www.balabit.com/downloads/files/tproxy/tproxy-kernel-2.6.25-20080519-165031-1211208631.tar.bz2
- 
http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.18.tar.gz

Iptables 1.4.0 - compiled with this patches:
- 
http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.18.tar.gz
- wget 
http://www.balabit.com/downloads/files/tproxy/tproxy-iptables-1.4.0-20080521-113954-1211362794.patch
- wget 
http://www.balabit.com/downloads/files/tproxy/tproxy-iptables-20080204-1915.patch

    All tproxy patchs I have get from:

http://www.balabit.com/downloads/files/tproxy/

    When I tryed to use iptables it works just fine with TPROXY rules. 
So it is ok to work. Now I want to compile Squid:

Squid source: 
http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE6.tar.gz

    I used this command line to configure:

./configure *--enable-linux-tproxy *--with-large-files 
--with-filedescriptors=16384 --enable-storeio=aufs,coss,diskd,ufs 
--enable-poll --enable-delay-pools --enable-htcp --enable-carp 
--with-pthreads --enable-underscores --enable-external --enable-arp-acl

    During the process it came with this message:

checking for linux/netfilter_ipv4.h... yes
checking for linux/netfilter_ipv4/ip_tproxy.h... no
...
checking if TPROXY header files are installed... no
WARNING: Cannot find TPROXY headers, you need to install the
tproxy package from:
 - lynx http://www.balabit.com/downloads/tproxy/

    I have come into /usr/src/linux and found a xt_TPROXY.h file under 
netfilter directory but NO ip_tproxy.h. Here is the problem. After all 
squid compilation it is installed but when I try to use:

http_port 3128 transparent tproxy

    It returns an error. What can I do to solve this problem?

-- 
Att,

NATANIEL KLUG
nata at cnett.com.br

LEIA O DIA-A-DIA DO NATA
http://nataklug.blogspot.com/

Cyber Nett - Internet Banda Larga
www.cnett.com.br
(42) 3635-2957
Rua Diogo Pinto, 1046, Centro
Laranjeiras do Sul - PR
Brasil - 85301-290

"... também os sábios possuem coração tangível e podem, por vezes, usar da ciência como meio de demonstrar impressões sentimentais de que muitos não os julgam suscetíveis."
Visconde de Taunay

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20080618/6bb2dd3f/attachment.htm

More information about the tproxy mailing list