On 14.09.19 23:57, sknz wrote:
eht1 is not useless really, Coovachilli created tun0 under eth1. Yes, I've
heard about stateful firewall, though this is not my domain of expertise.
it's very hard to guess what's the problem and how should the solution look
like, when someone does this to
So I was testing from a client device(10.1.0.2) which is connected over WiFi
to an AP and that AP is connected to eth1 physically. In case you're
wondering, eth1 is connected to the server physically. Trying to connect an
HTTP website from the above-mentioned client device...
eht1 is not useless really, Coovachilli created tun0 under eth1. Yes, I've
heard about stateful firewall, though this is not my domain of expertise.
/CoovaChilli takes control of the internal interface (eth1) using a raw
promiscuous socket. It then uses the vtun kernel module to bring up a
On 14.09.19 06:01, sknz wrote:
Sorry if I make it more puzzled.
Here full packets and config :
https://paste.grasehotspot.org/view/raw/384d2a8b
Here full iptable rules : https://paste.grasehotspot.org/view/raw/eaf29a16
- do you really use IP to IP tunelling ? Does not look like it.
- from
Sorry if I make it more puzzled.
Here full packets and config :
https://paste.grasehotspot.org/view/raw/384d2a8b
Here full iptable rules : https://paste.grasehotspot.org/view/raw/eaf29a16
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
On 14/09/19 7:43 pm, sknz wrote:
> Hello Amos,
> Okay, ports are fixed from here and forwarded 80 to 3127 in iptables.
>
> http_port 3128 # for proxy client
> http_port 3127 intercept # for http intercept
>
This does not match the config suggested.
Can you please re-post the config used with
Hello Amos,
Okay, ports are fixed from here and forwarded 80 to 3127 in iptables.
http_port 3128 # for proxy client
http_port 3127 intercept # for http intercept
When a user tries to connect an HTTP site,
tcpdump -vv -ni eth1 port 80 >>>
https://paste.grasehotspot.org/view/raw/f81a60e4
On 14/09/19 4:48 am, sknz wrote:
> Hello reinerotto,
> I've been stuck here for 3 days! This is complete iptable rules after
> coova-chilli starts : https://paste.grasehotspot.org/view/raw/529efd6c
>
Each time you have posted details about your situation the ports used
have been different from
Hello reinerotto,
I've been stuck here for 3 days! This is complete iptable rules after
coova-chilli starts : https://paste.grasehotspot.org/view/raw/529efd6c
Please have a look at it.
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
Looks like an issue regarding iptables. Because coova-chilli modifies the
rules, during start-up.
So I doubt, the rules in your post are incomplete, _not_ after start of
coova.
Definitely, this is not a squid issue.
BTW: I have squid intercept running on openwrt devices. For commercial
hotspots.
I'm running an AP-Hotspot server(coovachilli, freeradius, squid, etc.) with
two NIC(eth0 and eth1). eth0 is for WAN(internet) and eth1 is for managing
LAN(APs). Coovachilli is created tun0 under the eth1 interface. I'm using
squid3 as an HTTP transparent proxy.
Hardware Setup Diagram
11 matches
Mail list logo