On 24/12/10 21:40, benjamin fernandis wrote:
> Hi Friends,
>
> I m getting errors in cache.log file..
>
> [root_at_localhost.localdomain ~]# tail -f /var/log/squid/cache.log
> 2010/12/24 13:26:21| IpIntercept.cc(137) NetfilterInterception: NF
> getsockopt(SO_ORIGINAL_DST) failed on FD 316: (92) Protocol not
> available
Two possible causes:
The less common one is NAT failure or overflow in the box TCP systems.
This is more usually seen when receiving non-NAT requests in a port
flagged to perform NAT processing on the traffic. It is a needless
security hole opening CVE-2009-0801 to any client. Use two ports, one
for regular traffic and one for NAT intercept traffic.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.9 Beta testers wanted for 3.2.0.3Received on Fri Dec 24 2010 - 13:07:08 MST
This archive was generated by hypermail 2.2.0 : Fri Dec 24 2010 - 12:00:03 MST