hello i have :
kernel 2.6.15.7 with cttproxy patch applien (cleanly)
squid 2.6 with:
<config>
http_port 192.168.20.2:8080
linux_tproxy on
tproxy_port 8080
</config>
squid lan ip:
192.168.20.2
squid wan ip:
192.168.0.10
iptables:
iptables -L -n -v -t tproxy
Chain PREROUTING (policy ACCEPT 579 packets, 74985 bytes)
pkts bytes target prot opt in out source
destination
10 480 TPROXY tcp -- eth1.671 * 0.0.0.0/0
0.0.0.0/0 tcp dpt:80 TPROXY redirect 0.0.0.0:8080
Chain OUTPUT (policy ACCEPT 1899 packets, 144K bytes)
pkts bytes target prot opt in out source
destination
and if i set proxy in web browser to: 192.168.20.2 on port 80 i have
http access:
but
tcpdump -i eth0 -n -p
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 68 bytes
13:46:18.251369 IP 212.77.100.128.80 > 192.168.0.10.53851: F
2968402288:2968402288(0) ack 1284802216 win 2742 <nop,nop,timestamp
3009682896 122552088>
13:46:18.251542 IP 192.168.0.10.53851 > 212.77.100.128.80: F 1:1(0) ack
1 win 7252 <nop,nop,timestamp 122554597 3009682896>
13:46:18.267612 IP 212.77.100.128.80 > 192.168.0.10.53851: . ack 2 win
2742 <nop,nop,timestamp 3009682912 122554597>
13:46:19.197962 IP 212.77.100.127.80 > 192.168.0.10.55233: F
3799766088:3799766088(0) ack 1288087522 win 8811
13:46:19.198033 IP 192.168.0.10.55233 > 212.77.100.127.80: F 1:1(0) ack
1 win 32767
13:46:19.214958 IP 212.77.100.127.80 > 192.168.0.10.55233: . ack 2 win 8811
All outgoing connections from squid are with squid-wan-ip not my test
box ip which is 172.16.0.2
