<div dir="ltr">Hi,<div><br></div><div><div>Is this squid box a router or just a proxy?</div><div>- just a proxy</div><div><br></div><div>What tcpdump command did you ran?</div><div>- sudo tcpdump -i eth0</div><div><br></div><div>What is the networks that are involved?</div><div>Setup:</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Client (192.168.1.8) ---> | Rotuer |<br> | gateway/dhcp | ---> Internet<br>Squid box (192.168.1.2) ---> | 192.168.1.1 |</blockquote><div><br></div><div>Here Client (debian), squid (debian) and router are three separate devices.</div><div><br></div><div>What is the gateway and dhcp for this network?</div><div>- Router is both gateway and dhcp server</div><div><br></div><div>If the client is a linux box then we need the output of:</div><div><br></div><div>ifconfig:</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">eth0 Link encap:Ethernet HWaddr b8:27:eb:91:83:20<br> inet addr:192.168.1.8 Bcast:192.168.1.255 Mask:255.255.255.0<br> inet6 addr: fe80::6236:7570:1f1e:d238/64 Scope:Link<br> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br> RX packets:3214 errors:0 dropped:0 overruns:0 frame:0<br> TX packets:8985 errors:0 dropped:0 overruns:0 carrier:0<br> collisions:0 txqueuelen:1000<br> RX bytes:478898 (467.6 KiB) TX bytes:2308050 (2.2 MiB)</blockquote><div><br></div><div><br></div><div>ip route:</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">default via 192.168.1.1 dev eth0<br><a href="http://169.254.0.0/16">169.254.0.0/16</a> dev eth0 proto kernel scope link src 169.254.219.186 metric 202</blockquote></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Feb 13, 2017 at 10:44 PM, Eliezer Croitoru <span dir="ltr"><<a href="mailto:eliezer@ngtech.co.il" target="_blank">eliezer@ngtech.co.il</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hey,<br>
<br>
There are couple missing pieces(in my eyes) in order to understand the picture.<br>
Is this squid box a router or just a proxy?<br>
What tcpdump command did you ran?<br>
What is the networks that are involved?<br>
What is the gateway and dhcp for this network?<br>
If the client is a linux box then we need the output of:<br>
$ ifconfig<br>
$ route -n<br>
Or<br>
$ ip route<br>
<br>
Thanks,<br>
Eliezer<br>
<br>
----<br>
<a href="http://ngtech.co.il/lmgtfy/" rel="noreferrer" target="_blank">http://ngtech.co.il/lmgtfy/</a><br>
Linux System Administrator<br>
Mobile: <a href="tel:%2B972-5-28704261" value="+972528704261">+972-5-28704261</a><br>
Email: <a href="mailto:eliezer@ngtech.co.il">eliezer@ngtech.co.il</a><br>
<br>
<br>
From: squid-users [mailto:<a href="mailto:squid-users-bounces@lists.squid-cache.org">squid-users-bounces@<wbr>lists.squid-cache.org</a>] On Behalf Of John Pearson<br>
Sent: Tuesday, February 14, 2017 8:25 AM<br>
To: Squid Users <<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-<wbr>cache.org</a>><br>
Subject: [squid-users] Squid on separate box and it can't see packets<br>
<span class=""><br>
Hi all,<br>
I have squid on a separate box on my network with ip address 192.168.1.2<br>
<br>
In squid.conf I have:<br>
<br>
</span>http_port <a href="http://0.0.0.0:3128" rel="noreferrer" target="_blank">http://0.0.0.0:3128</a><br>
http_port <a href="http://0.0.0.0:3129" rel="noreferrer" target="_blank">http://0.0.0.0:3129</a> intercept<br>
<span class=""><br>
-------<br>
<br>
On squid box:<br>
<br>
$ sudo netstat -lnp | grep squid<br>
</span>tcp 0 0 <a href="http://0.0.0.0:3128" rel="noreferrer" target="_blank">http://0.0.0.0:3128</a> 0.0.0.0:* LISTEN 2639/(squid-1)<br>
tcp 0 0 <a href="http://0.0.0.0:3129" rel="noreferrer" target="_blank">http://0.0.0.0:3129</a> 0.0.0.0:* LISTEN 2639/(squid-1)<br>
udp 0 0 <a href="http://0.0.0.0:37444" rel="noreferrer" target="_blank">http://0.0.0.0:37444</a> 0.0.0.0:* 2639/(squid-1)<br>
<div class="HOEnZb"><div class="h5">udp6 0 0 :::41465 :::* 2639/(squid-1)<br>
<br>
-------<br>
<br>
I followed this example: <a href="http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect" rel="noreferrer" target="_blank">http://wiki.squid-cache.org/<wbr>ConfigExamples/Intercept/<wbr>LinuxRedirect</a><br>
<br>
iptables:<br>
<br>
# your proxy IP<br>
SQUIDIP=192.168.1.2<br>
<br>
# your proxy listening port<br>
SQUIDPORT=3129<br>
<br>
<br>
iptables -t nat -A PREROUTING -s $SQUIDIP -p tcp --dport 80 -j ACCEPT<br>
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port $SQUIDPORT<br>
iptables -t nat -A POSTROUTING -j MASQUERADE<br>
iptables -t mangle -A PREROUTING -p tcp --dport $SQUIDPORT -j DROP<br>
<br>
------<br>
<br>
I am redirecting port 80 packets on my router to squid box<br>
<br>
On one of the clients: 192.168.1.8, I am running<br>
wget -v --bind-address=192.168.1.8 <a href="http://squid-cache.org:80" rel="noreferrer" target="_blank">http://squid-cache.org:80</a><br>
<br>
On squid box, I am running tcpdump and I am able to see those packets:<br>
<br>
22:09:58.962316 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags [S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932460 ecr 0,nop,wscale 7], length 0<br>
22:09:59.958994 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags [S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932560 ecr 0,nop,wscale 7], length 0<br>
22:10:01.958981 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags [S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932760 ecr 0,nop,wscale 7], length 0<br>
<br>
But squid is not seeing them. Squid log is empty.<br>
<br>
Need advice. Thanks!<br>
<br>
</div></div></blockquote></div><br></div>