[squid-users] (no subject)
Vieri Di Paola
vieridipaola at gmail.com
Tue Oct 22 12:23:17 UTC 2019
On Tue, Oct 22, 2019 at 1:48 PM Amos Jeffries <squid3 at treenet.co.nz> wrote:
>
> I do not see any DIVERT rule at all in your firewall config dump. That
> is at least part of the problem.
I opened the previous dump and saw the divert rules here below:
Chain PREROUTING (policy ACCEPT 573K packets, 462M bytes)
pkts bytes target prot opt in out source
destination
573K 462M CONNMARK all -- * * 0.0.0.0/0
0.0.0.0/0 CONNMARK restore mask 0xff
1213 181K routemark all -- ppp1 * 0.0.0.0/0
0.0.0.0/0 mark match 0x0/0xff
3195 308K routemark all -- ppp2 * 0.0.0.0/0
0.0.0.0/0 mark match 0x0/0xff
1320 79360 routemark all -- ppp3 * 0.0.0.0/0
0.0.0.0/0 mark match 0x0/0xff
311K 277M tcpre all -- * * 0.0.0.0/0
0.0.0.0/0 mark match 0x0/0xff
0 0 divert tcp -- ppp1 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:80 flags:!0x17/0x02 socket
--transparent
0 0 divert tcp -- ppp2 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:80 flags:!0x17/0x02 socket
--transparent
0 0 divert tcp -- ppp3 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:80 flags:!0x17/0x02 socket
--transparent
76 7484 TPROXY tcp -- enp10s0 * 10.215.144.48
0.0.0.0/0 tcp dpt:80 TPROXY redirect 0.0.0.0:3129 mark
0x200/0x200
0 0 divert tcp -- ppp1 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:443 flags:!0x17/0x02 socket
--transparent
0 0 divert tcp -- ppp2 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:443 flags:!0x17/0x02 socket
--transparent
0 0 divert tcp -- ppp3 * 0.0.0.0/0
10.215.144.48 [goto] tcp spt:443 flags:!0x17/0x02 socket
--transparent
10 1060 TPROXY tcp -- enp10s0 * 10.215.144.48
0.0.0.0/0 tcp dpt:443 TPROXY redirect 0.0.0.0:3130 mark
0x200/0x200
Aren't these the DIVERT rules you are referring to?
More information about the squid-users
mailing list