Dean, Barry wrote:
OK. I have bodged up the IPInterception.cc file and add the line from
/usr/include/sys/types.h to get it to compile.
Mu change to add the error string has resulted in the error coming out as:
clientNatLookup: NAT lookup failed: ioctl(SIOCGNATL): (22) Invalid argument
I think we have a smoking gun here! It is starting to look like Squid is
constructing the structure wrong that it is passing to the ipnat driver via the
ioctl.
How do debug this is the question...
Thanks for the help so far.. I'll post my findings if I get a solution.
You may be right, there have been upgrades to interception recently that
are not tested in some NAT lookup methods.
To debug you can either trace it live in a debugger, or thread debugs()
calls through the IPF section that display the parameter values.
However, I'd like to be certain that anything to be merged is tested and
working on an unpatched kernel with working compilers.
Amos
---------------
Barry Dean
Networks Team
-----Original Message-----
From: Amos Jeffries [mailto:[EMAIL PROTECTED]
Sent: 15 August 2008 14:49
To: Dean, Barry
Cc: [email protected]
Subject: Re: [squid-users] 2 Problems
Dean, Barry wrote:
Hi,
My setup: Sun X4200 Server 8GB RAM, Sun IPF 4.1.9 (592), Solaris 10 x86
Generic_137112-02
Problem 1:
I compiled SQUID 3.0_STABLE5 no problem on Solaris 10 Generic_120012-14. Which
is the one we are using.
But since patching to Generic_137112-02 neither 3.0_STABLE5 or 3.0_STABLE8 will
compile.
The problem is that g++ uses
/usr/sfw/lib/gcc/i386-pc-solaris2.10/3.4.3/include/sys/types.h and
/usr/include/sys/proc.h.
That proc.h contains:
...
volatile lgrp_id_t p_t1_lgrpid; /* main's thread lgroup id */
volatile lgrp_id_t p_tr_lgrpid; /* text replica's lgroup id */
...
But type "lgrp_id_t" is only defined in /usr/include/sys/types.h not the gcc
one!
Pre-patch, these variables and type did not exist.
Short of getting Sun to patch the gcc types.h, or me doing it, any suggestions
as to how to get it to compile...
Problem 2:
We are using IPF to direct web traffic to squid, running in transparent mode.
We keep getting lots of:
clientNatLookup: NAT lookup failed: ioctl(SIOCGNATL)
I have searched and searched on this one and the nearest to an answer I have
come to is that it has to do with permissions on the /dev/ipnat device, in my
case:
host[53]# ls -l /dev/ipnat
lrwxrwxrwx 1 root wheel 29 Apr 3 15:32 /dev/ipnat ->
../devices/pseudo/[EMAIL PROTECTED]:ipnat
host[54]# ls -l /devices/pseudo/[EMAIL PROTECTED]:ipnat
crw-rw-rw- 1 root bin 165, 1 Jul 15 15:16 /devices/pseudo/[EMAIL
PROTECTED]:ipnat
host[55]# getdevpolicy /dev/ipnat
/dev/ipnat
read_priv_set=sys_ip_config
write_priv_set=sys_ip_config
Figuring it was the device policy, I granted the running squid process
"sys_ip_config" privs using ppriv, but it still kept doing it... This is when I
decided to alter IPInterception.cc so that the value of errno was included in the error
message, and when I discovered it no longer compiled, refer to Problem 1 !!!
Can anyone help me on this one...
It sounds like the compiler and libraries need to be updated to match
the new patched kernel.
Amos
--
Please use Squid 2.7.STABLE3 or 3.0.STABLE8
