[tproxy] tproxy + squid 3 + kernel 2.6.25 + iptables 1.4.0
Nataniel Klug
nata at cnett.com.br
Fri Jun 20 13:59:42 CEST 2008
Laszlo,
Thanks for the help. I will need some advices to configure the system
but this is another history... ;)
Laszlo Attila Toth escreveu:
> Hi,
>
> Nataniel Klug wrote:
>> People,
>>
>> With this advice from Anton I have made some changes. As I could not
>> find Squid-3.1 I used Squid-3HEAD and, for my surprise, using
>> --enable-linux-netfilter it enables "transparent tproxy" feature.
>
> Squid-3 head is also called as Squid-3.1. I don't know the exact
> versioning of squid.
>
>
>>
>> I will try to make this new compilation using kernel-2.6.25 becouse
>> my test was using 2.6.24.7 (as Anton said).
>
>
> I will forward port of the kernel patches to 2.6.25 and 2.6.26 and
> test when I'll have time for it. But first I have to eliminate a
> problem related to the tproxy that it doesn't work if the interface is
> in bridge mode (br0, etc). This issue occurs on each versions of
> tproxy4 (4.0 and 4.1). The 4.0 branch is used internally in our
> product but my assumption is that when I fix the 4.0, I can find a
> solution for 4.1, too. Now I have no idea why it goes wrong with a
> bridge: TPROXY target (and iptables/netfilter) doesn't receive any
> packets.
>
--
Att,
NATANIEL KLUG
nata at cnett.com.br
LEIA O DIA-A-DIA DO NATA
http://nataklug.blogspot.com/
Cyber Nett - Internet Banda Larga
www.cnett.com.br
(42) 3635-2957
Rua Diogo Pinto, 1046, Centro
Laranjeiras do Sul - PR
Brasil - 85301-290
"... também os sábios possuem coração tangível e podem, por vezes, usar da ciência como meio de demonstrar impressões sentimentais de que muitos não os julgam suscetíveis."
Visconde de Taunay
More information about the tproxy
mailing list