[squid-users] Problems with transparancy and pf

Tue, 29 Mar 2011 03:03:42 -0700 

Hello list.
I've used squid together with pf for a while on a Freebsd 7.2-RELEASE machine. 



I've now installed Freebsd 8.2-RELEASE on new hardware and I'm using my 
config from the 7.2 machine.



My problem is that squid is not working with transparency. The browser 
traffic goes directly to the Internet.


Setting proxy in the browser works, so I believe squid is ok.

My question is about which build options I must use?

I've used the following:
SQUID_KERB_AUTH                 X       (ON)
SQUID_NIS_AUTH                  X       (ON)
SQUID_IPV6      (Default)       X       (ON)

SQUID_DELAY_POOLS               X       (ON)
SQUID_SNMP                      X       (ON)
SQUID_HTCP (CARP?)              X       (ON)
SQUID_WCCP                      X       (ON)
SQUID_IDENT                             (OFF)
SQUID_IPFW                      X       (ON)
SQUID_PF                        X       (ON)
SQUID_AUFS (Default)            X       (ON)
SQUID_KQUEUE                    X       (ON)

Then I found this
https://wiki.andrewmercer.net/index.php/Squid_-_Transparent_Proxy

Where he suggests that even
SQUID_IPFILTER                  X       (ON)

Should be activated.


I recompiled Squid3.1 with the above and now I get an error which I can 
understand because I do not have IPFilter installed/active.


____________________________________


2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open 
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open 
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open 
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open 
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open 
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open 
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open 
failed: (2) No such file or directory
2011/03/29 11:14:43| IpIntercept.cc(250) IpfInterception: NAT open 
failed: (2) No such file or directory
2011/03/29 11:14:44| IpIntercept.cc(250) IpfInterception: NAT open 
failed: (2) No such file or directory

_____________________________________

So when only pf is used, must I compile squid with IPFILTER and IPFW ?

Thanks

/Leslie






















					Reply via email to