[squid-users] Re:%20[squid-users]%20HTTPS%20&%20transparent%20proxy

From: James Steele <james9s@dont-contact.us>
Date: Tue, 28 Mar 2006 18:38:36 -0800 (PST)

I see roughtly the same thing Daniel sees. Before
manually configuring the server, there are no GRE
interfaces. When you enter modprobe ip_gre, a gre0
interface is created. Attempting to use that interface
with a ip tunnel add gre0... command yields a no
buffer space available. As a result, ip tunnel add
gre1... or, in my case:
ip tunnel add wccp mode gre remote <my router> dev
etho
ifconfig wccp 127.0.0.2 up
iptables -t nat -F
iptables -t nat -A PREROUTING -i wccp -p tcp --dport
80 -j REDIRET --to-ports 3128

iptables -vnt nat -L will show the expected PREROUTING
entry with the pkts and bytes column at zero.

tcpdump -vvi any -n ip also yields the expected
result, namely the UDP 2048 chatter, the gre traffic
and the decoded browser initiated traffic with it's
source address and the destination address of where
the broswer is trying to reach.

However, I get -no-squid-traffic- I get just the two
packets (ignoring the UDP chatter) One GRE encoded
packet, one decrypted packet (with the SYN flag).

I see the pkt and byte counts increment with iptables
-vnt nat -L as the browser retries 6 times.

If I add a LOG to iptables:
iptables -t nat -A PREROUTING -i wccp -p tcp --dport
80 -j LOG
I get log entries. This tells me I have everything
working right up thru the iptables redirect. But Squid
sees nothing, nothing goes into the access.log

Configuring the browser to use the proxy/cache works.
Squid itself is working AND I have the required lines:
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

what boneheaded error am I making?

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Received on Tue Mar 28 2006 - 19:38:43 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:04 MST