[tproxy] Tproxy 4 bugs after installation
Ayham Abou Afach
a.afach at neotech-s.com
Thu Sep 4 11:42:26 CEST 2008
Hi Every body
i have some problems with tproxy after installation on ubuntu server
8.04 AMD 64
with the following :
Iptables 1.4.0
squid-3.HEAD-20080901
tproxy-iptables-1.4.0-20080521-113954-1211362794.patch
tproxy-kernel-2.6.25-20080519-165031-1211208631
Kernel 2.6.24.19
with the following rules file for iptables :
*mangle
:PREROUTING ACCEPT [263600:125723686]
:INPUT ACCEPT [616826:343701577]
:FORWARD ACCEPT [239812:121581975]
:OUTPUT ACCEPT [1011781:458569186]
:POSTROUTING ACCEPT [1250543:580095901]
:DIVERT - [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j TPROXY --on-port 8080
--on-ip 0.0.0.0 --tproxy-mark 0x1/0x1
-A PREROUTING -p tcp -m socket -j DIVERT
-A DIVERT -j MARK --set-mark 0x1
-A DIVERT -j ACCEPT
COMMIT
and the following ip rules :
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
and enabling nonlocal bind
echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind
And with squid configuration
http_port 8080 transparent tproxy
And every thing is fine all users are going out with their own IP
addresses and that what i want
but there is some problems with post pages and some get ones i see these
errors in squid cache.log :
IPInterception.cc(137) NetfilterInterception: NF
getsockopt(SO_ORIGINAL_DST) failed: (11) Resource temporarily
unavailable
commBind: Cannot bind socket FD 60 to 192.168.0.2:4288: (98)
Address already in use
and this error in my explorer :
* Connection to www.yahoo.com failed.*
The system returned: /(99) Cannot assign requested address
/
any body has some about this case HELP please
More information about the tproxy
mailing list