On Thursday 25 March 2004 08:44, E Roberts wrote:
> I have come across a strange problem, after what could be days, hours or
> even 10 minutes my transparent proxy will just stop working. I have tried

tcpdump of this? What _exactly_ is not happening anymore?

> to restart squid, flush and reset my firewall rules, restart NoCatAuth,
> and in the end the only thing that will get this working again is a full
> reboot.
> The setup I'm using is this:
>
> Slackware linux
> kernel 2.4.20

There are bugs in 2.4.20 iptables. Upgrade to latest and retest.

> Squid 2.5.STABLE4
> iptables v1.2.8
>
> My firewall rules seem to be unchanged when this takes effect, here is the
> part for the transparent proxy:
>
> Chain PREROUTING (policy ACCEPT)
> target prot opt source destination
> REDIRECT tcp -- 192.168.0.0/16 <ip removed> MARK match 0x4
> tcp dpt:http redir ports 8080
> REDIRECT tcp -- 192.168.0.0/16 anywhere MARK match 0x3
> tcp dpt:http redir ports 8080
> REDIRECT tcp -- 192.168.0.0/16 anywhere MARK match 0x2
> tcp dpt:http redir ports 8080
> REDIRECT tcp -- 192.168.0.0/16 anywhere MARK match 0x1
> tcp dpt:http redir ports 8080
> ACCEPT all -- 10.0.0.0/8 anywhere
> ACCEPT all -- 1.0.0.0/8 anywhere
> NoCat_Capture all -- anywhere anywhere
> DROP tcp -- !localhost anywhere tcp dpt:8080
>
> What is strange is that the sibling proxies are still able to use this as
> their parent, and if you connect to port 8080 directly it will work (of
> course this is without the above DROP being in the rules).
>
> I figure this might be an IPtables issue but hope to see if anyone has had
> this issue or could point me in the correct location.
>
> Regards

--
vda
