Amos- I applied that patch you sent over. I applied it against squid-3.HEAD-20080721 and the build went fine. When I installed it and did some testing this is what I observed trying to hit the url http://www.cnn.com:
This testing was done with intercept removed and just tproxy directive in the squid.conf. cache.log: 2008/07/29 09:29:52| IPInterception.cc(171) NetfilterTransparent: NF getsockopt(IP_TRANSPARENT) failed: (92) Protocol not available access.log: 1217341792.820 0 10.48.1.198 NONE/400 1831 GET / - NONE/- text/html Exact URL entered into IE7 on WindowsXP SP2 test machine: http://www.cnn.com Error on the client: The following error was encountered while trying to retrieve the URL: / Invalid URL Some aspect of the requested URL is incorrect. Some possible problems are: Missing or incorrect access protocol (should be http:// or similar) Missing hostname Illegal double-escape in the URL-Path Illegal character in hostname; underscores are not allowed. It appears as though to much is being stripped from the URL. If I renable both interception and tproxy in squid.conf, I get a working system again, with this in cache.log: 2008/07/29 09:42:29| IPInterception.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed: (11) Resource temporarily unavailable 2008/07/29 09:42:29| IPInterception.cc(171) NetfilterTransparent: NF getsockopt(IP_TRANSPARENT) failed: (92) Protocol not available 2008/07/29 09:42:50| commBind: Cannot bind socket FD 35 to 10.48.1.198:2173: (98) Address already in use 2008/07/29 09:42:50| comm.cc(1002) commResetFD: bind: (98) Address already in use 2008/07/29 09:42:52| commBind: Cannot bind socket FD 30 to 10.48.1.198:2165: (98) Address already in use 2008/07/29 09:42:52| comm.cc(1002) commResetFD: bind: (98) Address already in use I noticed that there is a non-local bind setting in proc: /proc/sys/net/ipv4/ip_nonlocal_bind should I set this to 1 or 0?
