I can't figure out how to use transparent squid 2.6 with ipfw.
I don't use --enable-{ipf,pf}-transparent because I only use
ipfw (ipfirewall), not ipf (IP filter) or pf (packet filter). I also
don't use --enable-linux-{netfilter,tproxy}, because I've got
FreeBSD installed, not Linux.
My guess is for transparent proxying to work one of these
options has to be enabled. Let's see what happens.
I compiled squid without any of these options. In cache.log
I see:
Accepting transparently proxied HTTP connections at 0.0.0.0, port 3128, FD 12.
Great! But when I actually try to forward any packets there,
I get this in cache.log:
2006/07/05 12:04:31| WARNING: transparent proxying not supported
2006/07/05 12:04:31| Failed to select source for 'http://mail.ru/'
2006/07/05 12:04:31| always_direct = 0
2006/07/05 12:04:31| never_direct = 0
2006/07/05 12:04:31| timedout = 0
this in access.log:
1152086671.736 1 10.17.225.45 TCP_MISS/503 1589 GET
http://mail.ru/ - NONE/- text/html
and this in the browser:
<...>
The following error was encountered:
* Unable to forward this request at this time.
<...>
With squid 2.5, I didn't have to compile it with any
transparency-related options, it just worked. Squid did not
have a notion of being transparent, so it worked great. Now
I have to wonder how to get it working. Can I use accelerator
options to bring back the old behavior? Can I compile squid
with other options and use it with ipfw?
Any help will be much appreciated, thanks!
Received on Wed Jul 05 2006 - 05:17:32 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Aug 01 2006 - 12:00:01 MDT