I have a lab environment set up using two Debian Wheezy servers (Squeeze
doesn't have a new enough kernel or iptables to do TPROXY properly). One of
the servers is a router and the other is a proxy server. There are several
clients connected to the router to simulate a production routing
environment. If I have both the TPROXY redirection and Squid on the same
server, Squid handles the requests and everything works perfectly. However,
this isn't how I want the proxy to be configured in our production
environment. I've changed my iptables rules on the router to redirect all
tagged 1 packets to the proxy server. This is working perfectly fine and I
can see the data being routed to the proxy server using tcpdump on both the
router and the proxy. However, Squid on the proxy server doesn't seem to
'see' the data being routed and doesn't do anything with it. I have
"http_port 3129 tproxy" set on the proxy server. Is there anything special I
need to do using iptables on the proxy server?
Both servers are running kernel 3.2.0-2-amd64 and iptables 1.4.13 from
Wheezy and the Squid being used on the proxy is 3.1.19. If any more
information is needed, please just let me know and I'd be happy to supply
it. Thanks.
--Thomas York
This archive was generated by hypermail 2.2.0 : Thu May 31 2012 - 12:00:05 MDT