hi I want to set up a transparent proxy server with ts2.3.1, but the following error happens: ERROR: [bindProxyPort] Unable to set transparent socket option [92] Protocol not available can anybody help me? Thanks
record.conf: CONFIG proxy.config.http.server_port_attr STRING = CONFIG proxy.config.cluster.ethernet_interface STRING eth1 The server has two network interfaces, eth0 (LAN), eth1(INTERNET), and the OS system is CentOS5.4. And I connected the server(eth0) and client with one a network cable. The following is our iptables rules: #!/bin/sh # ------------------------------------------------------------------------------------ # See URL: http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html # (c) 2006, nixCraft under GNU/GPL v2.0+ # ------------------------------------------------------------------------------------- # TRAFFIC server IP TRAFFIC_SERVER="192.168.8.131" # Interface connected to Internet INTERNET="eth1" # Interface connected to LAN LAN_IN="eth0" # Traffic Server port TS_PORT="8080" # DO NOT MODIFY BELOW # Clean old firewall iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X # Load IPTABLES modules for NAT and IP conntrack support modprobe ip_conntrack modprobe ip_conntrack_ftp # For win xp ftp client #modprobe ip_nat_ftp echo 1 > /proc/sys/net/ipv4/ip_forward # Setting default filter policy iptables -P INPUT DROP iptables -P OUTPUT ACCEPT # Unlimited access to loop back iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT # Allow UDP, DNS and Passive FTP iptables -A INPUT -i $INTERNET -m state --state ESTABLISHED,RELATED -j ACCEPT # set this system as a router for Rest of LAN iptables --table nat --append POSTROUTING --out-interface $INTERNET -j MASQUERADE iptables --append FORWARD --in-interface $LAN_IN -j ACCEPT # unlimited access to LAN iptables -A INPUT -i $LAN_IN -j ACCEPT iptables -A OUTPUT -o $LAN_IN -j ACCEPT # DNAT port 80 request comming from LAN systems to ts 8080 ($TS_PORT) aka transparent proxy iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 80 -j DNAT --to $TRAFFIC_SERVER:$TS_PORT # if it is same system iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 80 -j REDIRECT --to-port $TS_PORT # DROP everything and Log it iptables -A INPUT -j LOG iptables -A INPUT -j DROP
