From: Ricardo R. - S. L. <sho...@ma...> - 2011-06-30 01:57:49
|
On Wed, 29 Jun 2011 18:47:21 -0700, Tom Eastep wrote: > On Jun 29, 2011, at 6:20 PM, Ricardo Rios - Shorewall List wrote: > >> On Wed, 29 Jun 2011 18:02:18 -0700, Tom Eastep wrote: >> >>> On Jun 29, 2011, at 5:01 PM, Ricardo Rios - Shorewall List wrote: >>> >>>> Hi all, hi Tom : >>>> >>>> I am trying to get tproxy working, i follow this http://www.shorewall.net/Shorewall_Squid_Usage.html#TPROXY [1] >>>> >>>> But when i restart shorewall i get this error : http://pastebin.com/iKK5LjpF [2] >>>> >>>> i patch squid 2.7 stable-9 with Tproxy version 4 patch >>>> >>>> Just in case if is needed : >>>> >>>> iptables v1.4.10 >>>> >>>> kernel 2.6.37.6-0. >>> >>> Please see http://www1.shorewall.net/troubleshoot.htm#Start [3] >>> -Tom >>> >>> Tom Eastep When I die, I want to go like my Grandfather who >>> Shoreline, died peacefully in his sleep. Not screaming like >>> Washington, USA all of the passengers in his car >>> http://shorewall.net [4] ________________________________________________ >> >> Doing a shorewall debug restart i get this : >> >> ERROR: Command "/usr/sbin/iptables -A tcpre -p 6 --dport 80 -i eth5 -j TPROXY--on-port 3128 --tproxy-mark 3" Failed >> >> I guessing my iptables is not supporting TPROXY ? > > No -- Your version of Shorewall is generating an invalid rule (note that there is no whitespace between TPROXY and --on-port). Which version are you running? > > -Tom > > Tom Eastep When I die, I want to go like my Grandfather who > Shoreline, died peacefully in his sleep. Not screaming like > Washington, USA all of the passengers in his car > http://shorewall.net [5] ________________________________________________ I am using Shorewall-4.4.20.3 Links: ------ [1] http://www.shorewall.net/Shorewall_Squid_Usage.html#TPROXY [2] http://pastebin.com/iKK5LjpF [3] http://www1.shorewall.net/troubleshoot.htm#Start [4] http://shorewall.net/ [5] http://shorewall.net |