[tproxy] tproxy + squid 3 + kernel 2.6.25 + iptables 1.4.0

Ritter, Nicholas Nicholas.Ritter at americantv.com
Wed Jun 18 21:19:14 CEST 2008

I am using almost the same software...I copied the file and renamed it. I used Squid3HEAD and it compiled and ran fine...but I still have not been able to get it fully working...


From: tproxy-bounces at lists.balabit.hu [mailto:tproxy-bounces at lists.balabit.hu] On Behalf Of Nataniel Klug
Sent: Wednesday, June 18, 2008 1:08 PM
To: tproxy at lists.balabit.hu
Subject: [tproxy] tproxy + squid 3 + kernel 2.6.25 + iptables 1.4.0

    Hello guys,

    I am having serius problems on putting this system to run. My system is:

CentOS v5.1 (like Red Hat Enterprises)

Kernel 2.6.25 - compiled with this patches:
- http://www.balabit.com/downloads/files/tproxy/tproxy-kernel-2.6.25-20080519-165031-1211208631.tar.bz2
- http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.18.tar.gz

Iptables 1.4.0 - compiled with this patches:
- http://ufpr.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.18.tar.gz
- wget http://www.balabit.com/downloads/files/tproxy/tproxy-iptables-1.4.0-20080521-113954-1211362794.patch
- wget http://www.balabit.com/downloads/files/tproxy/tproxy-iptables-20080204-1915.patch

    All tproxy patchs I have get from:


    When I tryed to use iptables it works just fine with TPROXY rules. So it is ok to work. Now I want to compile Squid:

Squid source: http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE6.tar.gz

    I used this command line to configure:

./configure --enable-linux-tproxy --with-large-files --with-filedescriptors=16384 --enable-storeio=aufs,coss,diskd,ufs --enable-poll --enable-delay-pools --enable-htcp --enable-carp --with-pthreads --enable-underscores --enable-external --enable-arp-acl

    During the process it came with this message:

checking for linux/netfilter_ipv4.h... yes
checking for linux/netfilter_ipv4/ip_tproxy.h... no
checking if TPROXY header files are installed... no
WARNING: Cannot find TPROXY headers, you need to install the
tproxy package from:
 - lynx http://www.balabit.com/downloads/tproxy/

    I have come into /usr/src/linux and found a xt_TPROXY.h file under netfilter directory but NO ip_tproxy.h. Here is the problem. After all squid compilation it is installed but when I try to use:

http_port 3128 transparent tproxy

    It returns an error. What can I do to solve this problem?


nata at cnett.com.br


Cyber Nett - Internet Banda Larga
(42) 3635-2957
Rua Diogo Pinto, 1046, Centro
Laranjeiras do Sul - PR
Brasil - 85301-290

"... também os sábios possuem coração tangível e podem, por vezes, usar da ciência como meio de demonstrar impressões sentimentais de que muitos não os julgam suscetíveis."
Visconde de Taunay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20080618/58d50f8c/attachment.htm 

More information about the tproxy mailing list