hi, this is my first post here.
I have a problem, but first I describe the scenario
I have clients with public IP
Mikrotik router redirecting traffic to SQUID
Squid 3.1 with support for TPROXY
Iptables 1.4.4 with support for TPROXY
Debian Lenny / Kernel 2.6.28 with support for TPROXY
well.
The proxy works as well, and when I made some test pages whatismyip,
shows that the ip is the CLIENT.
However. I can not get my clients with public IP address
simultaneously downloading from RapidShare / Megaupload ETC. The error
shown within these pages is the typical already are downloading from
that ip, so if viewing RapidShare IP SQUID in reality and not the
client. How fix this?
the configuration file of squid in the harbor is well
http_port 81 tproxy
Iptables:
iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp --dport 3128 -j TPROXY
--tproxy-mark 0x1/0x1 --on-port 81
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
echo 1 > /proc/sys/net/ipv4/ip_forward
Mikrotik:
Have a rule in the firewall to redirect all traffic to port 80 of the
SQUID to the IP, port 3128
All clients create sessions PPPOE in Router Mikrotik
May help?
Regards
Received on Sun Aug 09 2009 - 13:58:30 MDT
This archive was generated by hypermail 2.2.0 : Mon Aug 10 2009 - 12:00:15 MDT