Hi,
I have three servers: an Apache webserver, a client server (VM) and the TS server with TS
installed on it.
In order to set the TS to transparent proxy mode, I have disabled reverse_proxy mode and
remap_required in the records.config file.
The client server is configured in such a way that packets traceroute to the webserver via
the TS.
I have done the following iptables routing on the TS server.
# reflow client web traffic to TPROXY
iptables -t mangle -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j TPROXY \
--on-ip 0.0.0.0 --on-port 8080 --tproxy-mark 1/1
# Let locally directed traffic pass through.
iptables -t mangle -A PREROUTING -i eth0 --source 10.60.96.254 -j ACCEPT
iptables -t mangle -A PREROUTING -i eth0 --destination 10.60.96.254 -j ACCEPT
# Mark presumed return web traffic
iptables -t mangle -A PREROUTING -i eth0 -p tcp -m tcp --sport 80 -j MARK --set-mark 1/1
This did not change anything. It routed through TS and gave me the response, but I could not
find anything logged in the squid log, so I assumed it did not go through TS at all. When
I forced the packets to be intercepted using
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 10.60.96.254:8080
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080
this gets logged as a request in the SQUID logs, but as ERR_CONNECT_FAIL/502.
Can anyone help me with where I am going wrong here?
Thanks & Regards
Saraswathi Venkataraman | Xoriant Solutions Pvt. Ltd.
Winchester, Hiranandani Business Park, Powai, Mumbai 400076, INDIA.
Tel: +91 22 30511000 | Ext: 1113 | http://www.xoriant.com
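
Added example, not part of the original post: packets marked by `--tproxy-mark` as in the rules above only reach a local listener when policy routing maps that mark to a table with a local default route on `lo`, as the Linux kernel TPROXY documentation describes. The script below checks that chain offline; the function names, the sample text and table number 1 are constructed assumptions.

```shell
#!/bin/sh
# Added example: offline check that a TPROXY mark has matching policy routing.
# Every SAMPLE_* value is constructed, not captured from the poster's server.

# Constructed `iptables-save -t mangle` line (iptables-save prints marks in hex).
SAMPLE_MANGLE='-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j TPROXY --on-port 8080 --on-ip 0.0.0.0 --tproxy-mark 0x1/0x1'
# Constructed `ip rule show` output, with and without a rule for the mark.
SAMPLE_RULES_OK='0: from all lookup local
32765: from all fwmark 0x1/0x1 lookup 1
32766: from all lookup main'
SAMPLE_RULES_MISSING='0: from all lookup local
32766: from all lookup main'
# Constructed `ip route show table 1` output.
SAMPLE_TABLE_OK='local default dev lo scope host'

# Print the mark/mask of the first TPROXY rule found in iptables-save text.
tproxy_mark() {
    printf '%s\n' "$1" |
        sed -n 's#.*-j TPROXY.*--tproxy-mark \([0-9a-fx/]*\).*#\1#p' | head -n 1
}

# Print the routing table that `ip rule show` text ($1) selects for mark $2.
table_for_mark() {
    printf '%s\n' "$1" | awk -v m="$2" '
        { for (i = 1; i < NF; i++) if ($i == "fwmark" && $(i+1) == m)
              for (j = i; j < NF; j++) if ($j == "lookup") { print $(j+1); exit } }'
}

# Succeed when the table text delivers every destination locally via lo.
has_local_default() {
    printf '%s\n' "$1" | grep -Eq '^local (default|0\.0\.0\.0/0) dev lo( |$)'
}

# check_tproxy MANGLE RULES TABLE: print a verdict, return 0 only if complete.
check_tproxy() {
    mark=$(tproxy_mark "$1")
    [ -n "$mark" ] || { echo "no TPROXY rule"; return 1; }
    table=$(table_for_mark "$2" "$mark")
    [ -n "$table" ] || { echo "no ip rule for fwmark $mark"; return 2; }
    has_local_default "$3" || { echo "table $table lacks local default route"; return 3; }
    echo "mark $mark -> table $table -> local delivery"
}

check_tproxy "$SAMPLE_MANGLE" "$SAMPLE_RULES_OK" "$SAMPLE_TABLE_OK"
```

On a live host the three arguments would come from `iptables-save -t mangle`, `ip rule show` and `ip route show table N` for the table the check reports.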