cttproxy + Squid 2.6 - squid
cttproxy + Squid 2.6
Hi everyone,
I am trying to get squid 2.6 + cttproxy to work on a transparently
bridged environment, with scarce results.
The bridging works fine, squid is compiled with tproxy support,
and has the following directives (among the others):
http_port 3128 transparent tproxy vhost vport=80
always_direct allow all
I enable the redirection as follows:
ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6 --ip-destination-port 80 -j redirect --redirect-target ACCEPT
iptables -t tproxy -A PREROUTING -i br0 -p tcp --dport 80 -j TPROXY --on-port 3128
However, Squid doesn't seem to be able to spoof the original IP;
all I get is a bunch of:
2006/09/13 01:01:55| tproxy ip=10.0.0.200,0xc800000a,port=0 ERROR ASSIGN
2006/09/13 01:01:55| tproxy ip=10.0.0.200,0xc800000a,port=0 ERROR ASSIGN
2006/09/13 01:01:55| tproxy ip=10.0.0.200,0xc800000a,port=0 ERROR ASSIGN
2006/09/13 01:03:16| tproxy ip=10.0.0.200,0xc800000a,port=0 ERROR ASSIGN
2006/09/13 01:03:29| tproxy ip=10.0.0.200,0xc800000a,port=0 ERROR ASSIGN
The br0 interface has an IP assigned of 10.0.0.254 in the same subnet
of 10.0.0.200 (the client).
Did anyone get squid+cttproxy to work on a bridge? What am I missing?
Thanks for your answer,
Enrico
-
Re: cttproxy + Squid 2.6
Hi everyone,
For the record, I found out that for cttproxy to accept the ASSIGN,
it's necessary to set the configuration option tcp_outgoing_address.
tcp_outgoing_address seems to be 0.0.0.0 if not set explicitly, and that
causes the ASSIGN ioctl to fail and the ERROR_ASSIGN message.
It might be useful to shoot out a warning when tcp_outgoing_address is
0 and tproxy is used.
- Enrico
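
The warning suggested in the reply can be approximated outside Squid with a small configuration check. This is an added example, not part of either post and not Squid's own code; the function names are hypothetical and the address used in the corrected sample is an assumed value.

```python
import ipaddress

# The directives quoted in the first post, plus a constructed variant that sets
# tcp_outgoing_address (10.0.0.254 is an assumed value, not given as the fix).
POSTED_CONF = """\
http_port 3128 transparent tproxy vhost vport=80
always_direct allow all
"""
FIXED_CONF = POSTED_CONF + "tcp_outgoing_address 10.0.0.254\n"

def directives(conf_text):
    """Yield (lineno, name, args) per directive; skips blank and comment lines."""
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if line and not line.startswith("#"):
            name, *args = line.split()
            yield lineno, name, args

def is_usable(addr):
    """True for a literal IP other than the unspecified address (0.0.0.0 or ::)."""
    try:
        return not ipaddress.ip_address(addr).is_unspecified
    except ValueError:
        return False

def check_tproxy(conf_text):
    """Warn for each tproxy http_port when no usable tcp_outgoing_address exists."""
    tproxy_ports, has_outgoing = [], False
    for lineno, name, args in directives(conf_text):
        if name == "http_port" and "tproxy" in args[1:]:
            tproxy_ports.append((lineno, args[0]))
        elif name == "tcp_outgoing_address" and args and is_usable(args[0]):
            has_outgoing = True
    if has_outgoing:
        return []
    return [f"line {n}: http_port {port} uses tproxy but tcp_outgoing_address "
            "is unset or 0.0.0.0; expect the tproxy ERROR ASSIGN log message"
            for n, port in tproxy_ports]

if __name__ == "__main__":
    for label, conf in (("posted", POSTED_CONF), ("fixed", FIXED_CONF)):
        print(label, check_tproxy(conf) or "ok")
```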