Re: [IPCop-devel] Squid Gets In The Way

[Harry G. <ha...@hg...>]

Mark,

Sorry to bother you.

I've been trying to install your suggestion for testing. 
Unfortunately, I haven't been able to create IPCop 0.1.2 from the CVS 
pull on my RH 7.3 system.

I've run into problems with MAKEDEV, it doesn't honor the -d option, 
and with GD.pm.

I've kludged around the MAKEDEV problem by renaming /etc/makedev.d 
and creating a symlink to the one in the build directory.

I'm pretty well stumped on how to get GD to compile.  perl is using 
the config file out of my /usr... directory tree and not the one in 
the build directory.  As a result, GD won't compile and of course the 
compile flags specify -mi686.  I've try using sed on the Makefile, 
but I am not enough of a perl monger to figure out where the config 
file is referenced.  Is another symlink called for.

What are you guys using for a development machine?  Is there 
something basic I'm missing?

At 10:08 AM +0200 10/24/02, Mark Wormgoor wrote:
>Hi,
>
>>  I just spent an enjoyable few hours debugging a problem getting to an
>>  internal web server on a different node of my VPN.  Basically, it
>>  appears Squid sees the html request, acknowledges the packet back to
>>  the browser and then goes after the page on the Internet, instead of
>>  the VPN.
>
>Hmmm, this suddenly explains some problems I've been having ;)
>Never gave it much thought and tried the internet path, which works just
>fine.
>
>>  I've turned off Squid for now, but is anyone familiar enough with
>>  Squid parameters to tell me how to direct Squid to send VPN packets
>>  through the correct interface or to turn off caching based on server
>>  network address?
>
>The problem is in restartsquid.c:
>/sbin/ipchains -A squid -p tcp --destination-port 80 -j REDIRECT 800
>
>I suggets modifying like this (untested):
>/sbin/ipchains -A squid -p tcp --destination-port 80 -i ! ipsec+ -j 
>REDIRECT 800