Dear all,

I just implemented a Linux box consisting of Linux 2.6.17 + tproxy + squid 2.6 + wccp v1 + iptables 1.3. I followed the tproxy solution step by step, like this:

1. Recompile the kernel with the tproxy patch ==> It's OK. I ran lsmod and I see:

    iptable_tproxy         23316  1
    iptable_nat            13188  1 iptable_tproxy
    ip_nat                 29100  2 iptable_tproxy,iptable_nat
    ip_conntrack           61280  3 iptable_tproxy,iptable_nat,ip_nat
    ip_tables              18372  3 iptable_filter,iptable_tproxy,iptable_nat
    ipt_TPROXY              6400  1
    ipt_tproxy              6144  0
    x_tables               19972  5 iptable_nat,ip_tables,xt_tcpudp,ipt_TPROXY,ipt_tproxy

2. Create the gre interface:

    # ifconfig gre0 127.0.0.2 up

   ==> It got a good result.

3. Uninstall the iptables 1.3 rpm, then recompile iptables with the tproxy patch. I use this iptables rule:

    # iptables -A PREROUTING -i all -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128

   ==> I think it is fine; see the output of lsmod and this result of the iptables command:

    # iptables -t tproxy -L -v
    Chain PREROUTING (policy ACCEPT 265 packets, 41235 bytes)
     pkts bytes target  prot opt in   out  source    destination
        0     0 TPROXY  tcp  --  all  any  anywhere  anywhere     tcp dpt:http TPROXY redirect 0.0.0.0:3128

    Chain OUTPUT (policy ACCEPT 10 packets, 771 bytes)
     pkts bytes target  prot opt in   out  source    destination

4. I recompiled the source rpm with the new version of squid-2.6.STABLE3-2.src.rpm, with the tproxy configuration enabled. My squid.conf is like this:

    http_port 3128 transparent tproxy vhost vport=80
    always_direct allow all
    http_access allow all
    wccp_router x.x.x.x
    wccp_version 4
    wccp2_rebuild_wait off
    wccp2_forwarding_method 1
    wccp2_return_method 1
    wccp_address 0.0.0.0

   I start squid without error.

5. Tuning the kernel options: disable rp_filter, enable ip_forwarding:

    # sysctl -a | grep rp_filter
    net.ipv4.conf.gre0.arp_filter = 0
    net.ipv4.conf.gre0.rp_filter = 0
    net.ipv4.conf.eth1.arp_filter = 0
    net.ipv4.conf.eth1.rp_filter = 0
    net.ipv4.conf.eth0.arp_filter = 0
    net.ipv4.conf.eth0.rp_filter = 0
    net.ipv4.conf.lo.arp_filter = 0
    net.ipv4.conf.lo.rp_filter = 0
    net.ipv4.conf.default.arp_filter = 0
    net.ipv4.conf.default.rp_filter = 0
    net.ipv4.conf.all.arp_filter = 0
    net.ipv4.conf.all.rp_filter = 0
    # sysctl -a | grep ip_forward
    net.ipv4.ip_forward = 1

6. I enabled wccp on the router.

7. Debug traffic with tcpdump:
   - I can find port 80 traffic between the client and the web server
   - TPROXY can capture everything

But I can't see any access log in /var/log/squid/access.log.

Please help me!!!

Thanks