I thought I was being pretty conservative by waiting till 2.2.13 before
upgrading. But it seems not quite conservative enough. I guess that not
too many people use the transparent proxy functionality.
Robert Cohen
Apex Internet
Andi Kleen wrote:
>
> robert@apex.net.au (Robert Cohen) writes:
>
> > I'm having a weird problem with squid 2.2stable5.
> > I have it set up as a transparent proxy on a 2.2.13 box.
> > I'm using IP chains to redirect port 80 requests to the proxy on port
> > 8080.
> > I have IP forwarding enabled and am using the following ipchains command
> >
> > /sbin/ipchains -A input -j REDIRECT 8080 -p tcp -s 203.37.38.0/24 -d
> > 0.0.0.0/0 80
> >
> > The weird thing is that it works fine for about a day then stops
> > working.
> > No obvious error messages in logs.
> > The proxy still works if I contact it explicitly on the proxy port
> > rather than using the transparent functionality.
> > So networking is still working.
>
> Try this patch (or update to 2.2.14preX which has it already included)
>
> --- linux/net/ipv4/tcp_ipv4.c-o Fri Nov 12 12:58:55 1999
> +++ linux/net/ipv4/tcp_ipv4.c Fri Nov 12 13:29:17 1999
> @@ -180,7 +180,7 @@
>
> #ifdef CONFIG_IP_TRANSPARENT_PROXY
> if (child->num != sk->num) {
> - unsigned short snum = ntohs(child->num);
> + unsigned short snum = child->num;
> for(tb = tcp_bound_hash[tcp_bhashfn(snum)];
> tb && tb->port != snum;
> tb = tb->next)
>
> -Andi
>
> --
> This is like TV. I don't like TV.
-- Robert Cohen - Network Administrator Apex Internet robert@apex.net.au http://www.apex.net.au Ph (02) 6247 2000 Fax: (02) 6247 2711- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/