[squid-users] Squid on separate box and it can't see packets

John Pearson johnpearson555 at gmail.com
Tue Feb 14 20:18:25 UTC 2017 

Hi,

Is this squid box a router or just a proxy?
- just a proxy

What tcpdump command did you ran?
- sudo tcpdump -i eth0

What is the networks that are involved?
Setup:

> Client        (192.168.1.8) --->  |     Rotuer        |
>                                                | gateway/dhcp | --->
> Internet
> Squid box (192.168.1.2) --->  |  192.168.1.1   |


Here Client (debian), squid (debian) and router are three separate devices.

What is the gateway and dhcp for this network?
- Router is both gateway and dhcp server

If the client is a linux box then we need the output of:

ifconfig:

> eth0   Link encap:Ethernet  HWaddr b8:27:eb:91:83:20
>           inet addr:192.168.1.8  Bcast:192.168.1.255  Mask:255.255.255.0
>           inet6 addr: fe80::6236:7570:1f1e:d238/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:3214 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:8985 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:478898 (467.6 KiB)  TX bytes:2308050 (2.2 MiB)



ip route:

> default via 192.168.1.1 dev eth0
> 169.254.0.0/16 dev eth0  proto kernel  scope link  src 169.254.219.186
>  metric 202


On Mon, Feb 13, 2017 at 10:44 PM, Eliezer Croitoru <eliezer at ngtech.co.il>
wrote:

> Hey,
>
> There are couple missing pieces(in my eyes) in order to understand the
> picture.
> Is this squid box a router or just a proxy?
> What tcpdump command did you ran?
> What is the networks that are involved?
> What is the gateway and dhcp for this network?
> If the client is a linux box then we need the output of:
> $ ifconfig
> $ route -n
> Or
> $ ip route
>
> Thanks,
> Eliezer
>
> ----
> http://ngtech.co.il/lmgtfy/
> Linux System Administrator
> Mobile: +972-5-28704261
> Email: eliezer at ngtech.co.il
>
>
> From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On
> Behalf Of John Pearson
> Sent: Tuesday, February 14, 2017 8:25 AM
> To: Squid Users <squid-users at lists.squid-cache.org>
> Subject: [squid-users] Squid on separate box and it can't see packets
>
> Hi all,
> I have squid on a separate box on my network with ip address 192.168.1.2
>
> In squid.conf I have:
>
> http_port http://0.0.0.0:3128
> http_port http://0.0.0.0:3129 intercept
>
> -------
>
> On squid box:
>
> $ sudo netstat -lnp | grep squid
> tcp        0      0 http://0.0.0.0:3128            0.0.0.0:*
>  LISTEN      2639/(squid-1)
> tcp        0      0 http://0.0.0.0:3129            0.0.0.0:*
>  LISTEN      2639/(squid-1)
> udp        0      0 http://0.0.0.0:37444           0.0.0.0:*
>              2639/(squid-1)
> udp6       0      0 :::41465                :::*
>       2639/(squid-1)
>
> -------
>
> I followed this example: http://wiki.squid-cache.org/
> ConfigExamples/Intercept/LinuxRedirect
>
> iptables:
>
> # your proxy IP
> SQUIDIP=192.168.1.2
>
> # your proxy listening port
> SQUIDPORT=3129
>
>
> iptables -t nat -A PREROUTING -s $SQUIDIP -p tcp --dport 80 -j ACCEPT
> iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port
> $SQUIDPORT
> iptables -t nat -A POSTROUTING -j MASQUERADE
> iptables -t mangle -A PREROUTING -p tcp --dport $SQUIDPORT -j DROP
>
> ------
>
> I am redirecting port 80 packets on my router to squid box
>
> On one of the clients: 192.168.1.8, I am running
> wget -v --bind-address=192.168.1.8 http://squid-cache.org:80
>
> On squid box, I am running tcpdump and I am able to see those packets:
>
> 22:09:58.962316 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags
> [S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932460
> ecr 0,nop,wscale 7], length 0
> 22:09:59.958994 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags
> [S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932560
> ecr 0,nop,wscale 7], length 0
> 22:10:01.958981 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags
> [S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932760
> ecr 0,nop,wscale 7], length 0
>
> But squid is not seeing them. Squid log is empty.
>
> Need advice. Thanks!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170214/837091ee/attachment.html>

More information about the squid-users mailing list