Hi Amos,
Thanks for your kind response.As per your reply ,i set rp_filter value 2
.But no luck.
And then i tried for bridge mode in that i can see traffic in tproxy
iptables rules, but i m not getting requests in squid access.log
my os : fedora 15 64 bit
kernel: 2.6.40.4-5.fc15.x86_64
squid : Squid Cache: Version 3.1.15
As per your before suggestions, i used latest kernel and latest squid
version.But still same issue i am facing.Please please guide me to
solve this problem.
Regards,
Benjamin
On Sat, Sep 24, 2011 at 11:03 AM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On Fri, 23 Sep 2011 16:49:24 +0530, benjamin fernandis wrote:
>>
>> Hi All,
>>
>> I am trying to deploy squid with existing network for cache gain and
>> tproxy feature.I configured squid properly there is no error.I can see
>> traffic in access.log and iptables tproxy rule but at end users end
>> they are getting squid error page with request time out.
>>
>> What could be the mistake behind this problem.?
>>
>> Is there anything remaining in squid?
>
> It has recently been brought to my attentino that the rp_filter system
> underwent a re-designe in kernel 2.6.32 and what we had in the wiki is doing
> the opposite (strict blocking) of what we wanted (loose checks default, none
> on the interface). Check your rp_filter values they should be "2" now where
> previously we were advising "1", and "0" on the interface where TPROXY is
> happening.
>
>
>>
>> reference : http://wiki.squid-cache.org/Features/Tproxy4
>>
>>
>> squid version: 3.1.15
>> os : fedora 15
>>
>>
>> Squid in network:
>>
>> ROUTER ------------> PBR CONFIGURATION ( FOR port 80 traffic
>> pass to squid from bandwith shapper , for port 80 traffic pass
>> internet to squid)
>> |
>> |
>> SWITCH
>> | |
>> | | -----SQUID BOX
>> |
>> BANDWITH
>> SHAPPER
>> |
>> |
>> END USERS
>>
>>
>>
>> Kindly guide me to solve this abnormal problem.
>>
>>
>> Thanks,
>> Benjamin
>
>
Received on Sun Sep 25 2011 - 13:14:07 MDT
This archive was generated by hypermail 2.2.0 : Mon Sep 26 2011 - 12:00:02 MDT