[squid-users] TPROXY Error

[Eliezer Croitoru]

Hey Ben,

I want to try and reset this issue because I am missing some technical
details.

1. What Linux Distro and what version are you using?
2. the output of 'ip address'
3. the output of 'ip rule'
4.  the output of 'ip route show'
5.  the output of 'ip route show table 100'
6. the output of 'iptables-save'
7. the output of 'nft -nn list ruleset' (if exists on the OS)
8. the output of your squid.conf
9. the output of 'squid -v'
10. the output of 'uname -a'

Once we will have all the above details (reducing/modifying any private
details) we can try to maybe help you.

Eliezer

-----Original Message-----
From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of
Ben Goz
Sent: Wednesday, June 30, 2021 3:16 PM
To: squid-users at lists.squid-cache.org
Subject: [squid-users] TPROXY Error

 By the help of God.

Hi All,
I'm trying to configure squid as a transparent proxy using TPROXY.
The machine I'm using has 2 NICs, one for input and the other one for
output traffic.
The TPROXY iptables rules are configured on the input NIC.
It looks like iptables TPROXY redirect works but squid prints out the
following error:

ERROR: NAT/TPROXY lookup failed to locate original IPs on
local=xxx:443 remote=xxx:49471 FD 14 flags=17

I think I loaded all TPROXY required kernel modules.

The ip forwarding works fine without the iptables rules. and I don't
see any squid ERROR on getsockopt

Please let me know what I'm missing?

Thanks,
Ben
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users