[tproxy] Problem with TPROXY and RAPIDSHARE

Carlos Botejara cbotejara at argentina.com
Wed Aug 5 00:53:58 CEST 2009

I have a problem, but first I describe the scenario
I have clients with public IP
Mikrotik router redirecting traffic to SQUID
Squid 3.1 with support for TPROXY
Iptables 1.4.4 with support for TPROXY
Debian Lenny / Kernel 2.6.28 with support for TPROXY

The proxy works as well, and when I made some test pages whatismyip, shows that the ip is the CLIENT.
However. I can not get my clients with public IP address simultaneously downloading from RapidShare / Megaupload ETC. The error shown within these pages is the typical already are downloading from that ip, so if viewing RapidShare IP SQUID in reality and not the client. How fix this?

the configuration file of squid in the harbor is well

http_port 81 tproxy


iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp --dport 3128 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 81

ip rule add fwmark 1 lookup 100
ip route add local dev lo table 100

echo 1 > /proc/sys/net/ipv4/ip_forward

Have a rule in the firewall to redirect all traffic to port 80 of the SQUID to the IP, port 3128

All clients create sessions PPPOE in Router Mikrotik

May help?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20090804/60894a5a/attachment.htm 

More information about the tproxy mailing list