Date: Mon, 23 May 2005 18:13:01 -0700 (PDT) From: Eric Heintzberger <eric_e_heintzberger@yahoo.com> To: freebsd-questions@freebsd.org Subject: Squid/ipfilter Transparent Proxy Problems Message-ID: <20050524011301.43819.qmail@web53508.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
I am trying to set up a transparent caching proxy using squid and ipfilter. Currently, if I manually configure my web browser to use the squid proxy server, it works fine. My problem arises when I use ipfilter NAT to intercept HTTP requests, and force clients to use the proxy, using the following ipfilter redirect rule: rdr rl0 0/0 port 80 -> 127.0.0.1 port 3128 tcp This causes squid to crash and restart. I noticed the following error in squid's cache.log: parseHttpRequest: NAT open failed: (13) Permission denied It was suggested the permissions on /dev/ipnat should be relaxed, but this did not seem to work. Any suggestions? Here is the output of "squid -v": Squid Cache: Version 2.5.STABLE10 configure options: --bindir=/usr/local/sbin --sysconfdir=/usr/local/etc/squid - -datadir=/usr/local/etc/squid --libexecdir=/usr/local/libexec/squid --localstatedir=/usr/local/squid '--enable-removal-policies=lru heap' '--enable-auth=basic ntlm digest' '--enable-basic-auth-helpers=NCSA PAM MSNT SMB winbind' --enable-digest-auth-helpers=password '--enable-external-acl-helpers=ip_user unix_group wbinfo_group winbind_group' '--enable-ntlm-auth-helpers=SMB winbind' '--enable-store io=ufs diskd null' --enable-underscores --enable-ipf-transparent --with-large-files --enable-large-cache-files '--enable-err-languages=[omitted] --enable-default-err-language=English --prefix=/usr/local i386-portbld-freebsd5.4 __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050524011301.43819.qmail>