[squid-users] TProxy HELP

Wed, 01 Apr 2009 10:51:25 -0700 

I have running squid 3.1.0.6 with TProxy on 2.6.28-11 (Ubuntu 64bit)
For some reason ALL my traffic shows up as a TCP_MISS ... If I revert back to transparent mode evertything is fine. If I switch to tproxy everything shows as a TCP_MISS. 
Why is this happening?

Here is my iptables rule

/usr/local/sbin/iptables -t mangle -N DIVERT
/usr/local/sbin/iptables -t mangle -A DIVERT -j MARK --set-mark 1
/usr/local/sbin/iptables -t mangle -A DIVERT -j ACCEPT
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129 
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100

Here is what I see in the logs
1238607663.926 40 66.78.113.105 TCP_MISS/200 7867 GET http://www.shockwave.com/content/dailydiff/dailyThumbnails/04_09/bonus1.png - DIRECT/204.245.162.18 image/png 1238607663.940 59 66.78.111.208 TCP_MISS/200 4989 GET http://www.newholland.com/FILES/tbl_s27ProductLineText/SmallImage227/380/PLMlogo_icon_sm_1107.jpg - DIRECT/216.246.75.66 image/jpeg 1238607663.957 85 66.78.125.200 TCP_MISS/200 559 GET http://65.55.149.124/c.gif? - DIRECT/65.55.149.124 image/gif 1238607663.963 757 66.78.122.169 TCP_MISS/200 4071 GET http://photos-b.ll.facebook.com/photos-ll-snc1/v376/249/18/1646506269/s1646506269_23977_3791.jpg - DIRECT/208.111.128.7 image/jpeg 1238607663.975 39 66.78.113.105 TCP_MISS/200 776 GET http://www.shockwave.com/i/common/userBar/loginBkgTop.png - DIRECT/204.245.162.18 image/png 1238607663.977 39 66.78.111.61 TCP_MISS/200 539 GET http://live.nhl.com/data/scr21140.txt? - DIRECT/8.20.73.127 text/plain 1238607663.981 74 66.78.126.34 TCP_MISS/302 672 GET http://76.13.218.11/imp? - DIRECT/76.13.218.11 - 1238607663.998 46 66.78.122.51 TCP_MISS/200 5305 GET http://photos-c.ak.fbcdn.net/hphotos-ak-snc1/hs040.snc1/2672_613259522049_120814371_40777746_7186851_s.jpg - DIRECT/96.17.72.153 image/jpeg 1238607664.000 75 66.78.122.169 TCP_MISS/200 1393 GET http://as.casalemedia.com/j? - DIRECT/69.22.179.90 text/html 1238607664.013 42 66.78.122.51 TCP_MISS/200 5423 GET http://photos-d.ak.fbcdn.net/hphotos-ak-snc1/hs040.snc1/2672_613259527039_120814371_40777747_751075_s.jpg - DIRECT/96.17.72.112 image/jpeg 1238607664.026 52 66.78.112.152 TCP_MISS/200 8810 GET http://www.allthepornstars.com/tgpx/thumbs/17006.jpg - DIRECT/64.59.104.232 image/jpeg 1238607664.034 52 66.78.122.51 TCP_MISS/200 5095 GET http://photos-d.ak.fbcdn.net/hphotos-ak-snc1/hs040.snc1/2672_613253534049_120814371_40777627_4512188_s.jpg - DIRECT/96.17.72.97 image/jpeg 1238607664.034 31 66.78.122.51 TCP_MISS/200 2078 GET http://photos-e.ak.fbcdn.net/hphotos-ak-snc1/hs031.snc1/2659_65427156458_590101458_2173412_4841922_t.jpg - DIRECT/96.17.72.152 image/jpeg 1238607664.035 18 66.78.119.204 TCP_MISS/200 2327 GET http://img4.catalog.video.msn.com/Image.aspx? - DIRECT/208.111.128.6 image/jpeg 1238607664.049 89 66.78.112.212 TCP_MISS/204 451 GET http://g.microsoft.com/_0sfdata/1? - DIRECT/207.46.216.54 - 1238607664.062 53 66.78.111.135 TCP_MISS/200 387 GET http://www.tagesschau.de/image/icon_uhrzeit_3165bd.gif - DIRECT/204.245.162.16 image/gif 1238607664.075 24 66.78.122.51 TCP_MISS/200 3010 GET http://photos-h.ak.fbcdn.net/photos-ak-sf2p/v644/98/77/505791930/t505791930_1745911_6863.jpg - DIRECT/96.17.72.112 image/jpeg 1238607664.082 691 66.78.122.169 TCP_MISS/200 3914 GET http://photos-f.ll.facebook.com/photos-ll-snc1/v376/249/18/1646506269/s1646506269_23973_6825.jpg - DIRECT/208.111.128.6 image/jpeg 1238607664.084 20 66.78.122.51 TCP_MISS/200 2496 GET http://photos-f.ak.fbcdn.net/hphotos-ak-snc1/hs023.snc1/2647_61581702382_500977382_1462477_5458310_t.jpg - DIRECT/96.17.72.136 image/jpeg 1238607664.085 50 66.78.112.152 TCP_MISS/200 8354 GET http://www.allthepornstars.com/tgpx/thumbs/17008.jpg - DIRECT/64.59.104.232 image/jpeg 1238607664.086 39 66.78.125.181 TCP_MISS/200 1685 POST http://cowow2.7821k.com/idle/821282179/18213 - DIRECT/38.99.158.108 application/x-fcs 1238607664.091 38 66.78.111.61 TCP_MISS/200 491 GET http://live.nhl.com/data/clk21140.txt? - DIRECT/8.20.73.127 text/plain 1238607664.095 159 66.78.113.105 TCP_MISS/200 60821 GET http://www.shockwave.com/i/dynamicLeads/fuelmom_dynamic_feature.jpg - DIRECT/204.245.162.18 image/jpeg 1238607664.098 68 66.78.100.104 TCP_MISS/302 357 GET http://ad.doubleclick.net/ad/N5043.microsoftnetwork/B3311296.89;sz=1x1;ord=167838136? - DIRECT/74.125.242.25 - 1238607664.100 248 66.78.120.90 TCP_MISS/200 553 GET http://88.208.23.7/underplayer_spot.html - DIRECT/88.208.23.7 text/html 1238607664.103 99 66.78.112.152 TCP_MISS/200 13267 GET http://www.allthepornstars.com/tgpx/thumbs/17007.jpg - DIRECT/64.59.104.232 image/jpeg 1238607664.109 24 66.78.117.104 TCP_MISS/200 3791 GET http://www.cineplex.com/ecms.aspx/ea3dac5f-1c9e-479b-a3a9-f8cb7948241f/Trailers/coraline.jpg - DIRECT/216.176.51.102 image/jpeg 




--
=-=-=-=-=-=-=-=-=-=-=-=-=
Jamie Orzechowski - CCNA
RipNET Ltd. System/Network Administrator
Tel.: 613-342-3946 x294
THIS MESSAGE IS INTENDED ONLY FOR THE ADDRESSEE, IT MAY CONTAIN PRIVILEGED OR CONFIDENTIAL INFORMATION. ANY UNAUTHORIZED DISCLOSURE IS STRICTLY PROHIBITED. IF YOU HAVE RECEIVED THIS MESSAGE IN ERROR, PLEASE NOTIFY ME IMMEDIATELY SO THAT I MAY CORRECT MY INTERNAL RECORDS. PLEASE THEN DELETE THE ORIGINAL MESSAGE. =-=-=-=-=-=-=-=-=-=-=-=-=

Reply via email to