On 23/01/2017 2:49 a.m., Alexander wrote: > As far as I remember, I have tried both options, REDIRECT and TPROXY, but > TPROXY is the preferred one for us. I will try one more time on Monday. > However, I suppose that something else prevents squid from working properly. > Maybe on of sysctls, like net.ipv4.ip_nonlocal_bind, will do the trick.
Maybe. I expect that REDIRECT will be the required way for FTP at present, since TPROXY has requirements that there is a client socket state to associate with the non-local binding. Essentially that sockets are opened directionally in sequence client->proxy->server - whereas FTP data connections are opened in the opposite sequencing order: server->squid first, then squid->client. Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
