Sherif Mohamed Ismaiel wrote:
> I copied ip_nat.h files etc into the include directory....the problem is
> that I got another error while running squid...
> the entries in the access.log is as follows...
> 914412890.808 33 163.121.25.24 TCP_DENIED/403 1054 GET
> http://www.geocities.
> com/images/geoguideII/email_ghost_b.gif - NONE/- -
> 914412890.808 33 163.121.25.91 NONE/400 1333 GET error:nat-open-failed
Squid needs to have read access to the NAT device (/dev/ something). The
device name is defined as IPL_NAT, so a
grep IPL_NAT ip_*.h
should give you the correct device name Squid needs read access to.
Then
chown a+r /dev/XXXXX
to allow every user read access to the IP NAT translation table, or set
up your UNIX permissions in any other way such that the user Squid runs
as is allowed to read this device file.
---
Henrik Nordstrom
Spare time Squid hacker
