Return-Path: X-Original-To: apmail-trafficserver-users-archive@www.apache.org Delivered-To: apmail-trafficserver-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C5AE6971A for ; Thu, 7 Jun 2012 05:07:36 +0000 (UTC) Received: (qmail 4981 invoked by uid 500); 7 Jun 2012 05:07:34 -0000 Delivered-To: apmail-trafficserver-users-archive@trafficserver.apache.org Received: (qmail 4896 invoked by uid 500); 7 Jun 2012 05:07:34 -0000 Mailing-List: contact users-help@trafficserver.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@trafficserver.apache.org Delivered-To: mailing list users@trafficserver.apache.org Received: (qmail 4673 invoked by uid 99); 7 Jun 2012 05:07:34 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Jun 2012 05:07:34 +0000 X-ASF-Spam-Status: No, hits=1.0 required=5.0 tests=SPF_SOFTFAIL X-Spam-Check-By: apache.org Received-SPF: softfail (nike.apache.org: transitioning domain of saraswathi.venkataraman@xoriant.com does not designate 12.36.118.8 as permitted sender) Received: from [12.36.118.8] (HELO xorex01.XoriantCorp.com) (12.36.118.8) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Jun 2012 05:07:27 +0000 Received: from MUMEX01.India.XoriantCorp.com ([10.21.0.27]) by xorex01.XoriantCorp.com ([10.1.0.26]) with mapi id 14.01.0289.001; Wed, 6 Jun 2012 22:11:05 -0700 From: Saraswathi Venkataraman To: "users@trafficserver.apache.org" Subject: RE: Configuring traffic server on transparent proxy mode. Thread-Topic: Configuring traffic server on transparent proxy mode. Thread-Index: Ac04GiKPX6b6gTadTMqcCgkx5gQTkQAnT+QAAAu+7mAAEyHWAAAQVUMwABqAgQAADpW8EP//ppcA/+10oYCAJ9yMAIAAUo7Q Date: Thu, 7 Jun 2012 05:10:39 +0000 Message-ID: References: <371609216.20120522194054@network-geographics.com> <94755473.20120523102502@network-geographics.com> <17510255028.20120524065132@network-geographics.com> <894290420.20120524082908@network-geographics.com> <1486557300.20120606220108@network-geographics.com> In-Reply-To: <1486557300.20120606220108@network-geographics.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.21.3.21] Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Thank for your prompt reply. It was actually a firewall issue. The TS serve= r was not configured to accept packets on port 80. Once I removed the firew= all settings, it started to work. And as u mentioned, I don't think we would require that man rules in the ip= rule list. I removed the unnecessary ones. Thanks & Regards Saraswathi Venkataraman | Xoriant Solutions Pvt. Ltd. =A0 Winchester,=A0Hiranandani Business Park, Powai,=A0Mumbai 400076, INDIA.=20 Tel: +91 22 30511000 |=A0Ext: 1113 | http://www.xoriant.com -----Original Message----- From: Alan M. Carroll [mailto:amc@network-geographics.com]=20 Sent: Thursday, June 07, 2012 8:31 AM To: users@trafficserver.apache.org Subject: Re: Configuring traffic server on transparent proxy mode. Could you provide some information about what the end result you are lookin= g for? E.g. where are the clients, where are the origin servers / internet,= which network paths should be transparent? Unfortunately I am on vacation this week and so will not be particularly re= sponsive. My first comment would be that I have had not much success with using "sock= et" in my iptables rules. I think --sport 80 is better. One problem is that= SYN/ACK may not be considered on a socket because it has not yet been esta= blished. You seem to have a lot of rules in your ip rule list - why check for the al= l the interfaces if you are also just checking on the firewall mark? Tuesday, June 5, 2012, 10:46:25 AM, you wrote: > This is the ifconfig for our machine. We are trying to configure tproxy a= gain on our machine.=20