[squid-users] Transparent Proxy on FreeBSD 4.9 problem with Yahoo/Hotmail login

From: Raphael Maseko <[email protected]>
Date: Sat, 15 Nov 2003 19:01:55 +0200

Hi Fellow Listers,

I have been running squid-2.5.STABLE4 with transparent proxying using WCCP
V1 on FreeBSD 4.6.2 without any problems.

I have now installed the same version on FreeBSD 4.9.

Unlike in the previous version where I had to apply patches and hacks to get
the gre packets stripped by my BSD box, I used the "pseudo-device gre"
option in the kernel and set up the tunnel using the following:

ifconfig gre0 create
ifconfig gre0 My_Squid_IP 10.20.30.1 netmask 255.255.255.255 link1 tunnel
My_Squid_IP My_Router_IP up

and the following IPFW rules:

ipfw add 49 allow tcp from My_Squid_IP to any
ipfw add 50 fwd 127.0.0.1,3128 tcp from any to any 80 via gre0 in
(The ipfw is set to default to accept)

Here is a sample from the ipfw -a sh command:

00049 29586 2886034 allow tcp from My_Squid_IP to any
00050 29592 2493277 fwd 127.0.0.1,3128 tcp from any to any 80 in recv gre0
65535 101631 65282581 allow ip from any to any

The transparent proxy is working fine except when it comes to logging into
sites like yahoo and hotmail and reading webmail. The main page is accessed
but stalls and eventually fails on authentication.

I suspect that this has something to do with the gre tunnel and the way
packets that are not supposed to be cached are being treated.

Has anyone run into this problem and if so how did you deal with it? Please
help.

Thanks in advance.

Ralph
Received on Sat Nov 15 2003 - 09:57:46 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:19 MST