Re: [squid-users] WCCP2 L2 redirect with Squid transparent

From: Shawn Wright <swright_at_shawnigan.ca>
Date: Thu, 26 Aug 2010 11:49:34 -0700 (PDT)

Got it working after closer inspection of tcpdump output, which revealed a routing problem.

Now I need to move on to SSL traffic. We are using Squid 2.6-20 in production, so clearly we need to upgrade to use SSLbump. Which version of squid is considered most stable for use with SSLbump, in conjunction with many ACLs and delay pools.

Thanks

> ----- "Amos Jeffries" <squid3_at_treenet.co.nz> wrote:
> Sorry, that last reply was meant for the list. I checked into the
> rp_filter setting:
>
> net.ipv4.conf.lo.rp_filter = 0
> net.ipv4.conf.lo.arp_filter = 0
> net.ipv4.conf.all.rp_filter = 0
> net.ipv4.conf.all.arp_filter = 0
> net.ipv4.conf.default.rp_filter = 0
> net.ipv4.conf.default.arp_filter = 0
> net.ipv4.conf.eth0.rp_filter = 0
> net.ipv4.conf.eth0.arp_filter = 0
> net.ipv4.conf.eth1.rp_filter = 0
> net.ipv4.conf.eth1.arp_filter = 0
> net.ipv4.conf.gre0.rp_filter = 0
> net.ipv4.conf.gre0.arp_filter = 0
>
> Also, the tcpdump from the client shows nothing coming back to it,
> just the outgoing SYN.
>
>
> Regards,
>
>
> Shawn Wright
> I.T. Manager, Shawnigan Lake School
> http://www.shawnigan.ca
Received on Thu Aug 26 2010 - 18:49:37 MDT

This archive was generated by hypermail 2.2.0 : Fri Aug 27 2010 - 12:00:03 MDT