
i'm tired - pf, squid transparent bridge

From: lrutledge <lrutledge(at)fairfield.lib.oh.us>
Date: Fri Mar 28 2003 - 13:15:52 EST


>===== Original Message From lrutledge <lrutledge@fairfield.lib.oh.us> =====
Howdy folks,

Yes, I did post this to misc earlier.

Need a proxy or another T1. Clean load 3.2, squid from source with ./configure transparent option. Bridge is bridging, squid is running with -V -D.

tcpdump -ai pflog0 shows nothing.

Here is my last cache.log entry:
2003/03/28 03:38:37| Starting Squid Cache version 2.5.STABLE2 for i386-unknown-openbsd3.2...

2003/03/28 03:38:37| Process ID 24756
2003/03/28 03:38:37| With 1024 file descriptors available
2003/03/28 03:38:37| DNS Socket created at 0.0.0.0, port 39803, FD 4
2003/03/28 03:38:37| Adding nameserver 192.168.1.10 from /etc/resolv.conf
2003/03/28 03:38:37| Adding nameserver 192.168.45.10 from /etc/resolv.conf
2003/03/28 03:38:37| Unlinkd pipe opened on FD 9
2003/03/28 03:38:37| Swap maxSize 2560000 KB, estimated 196923 objects
2003/03/28 03:38:37| Target number of buckets: 9846
2003/03/28 03:38:37| Using 16384 Store buckets
2003/03/28 03:38:37| Max Mem  size: 65536 KB
2003/03/28 03:38:37| Max Swap size: 2560000 KB
2003/03/28 03:38:37| Rebuilding storage in /var/squid/cache (CLEAN)
2003/03/28 03:38:37| Using Least Load store dir selection
2003/03/28 03:38:37| Set Current Directory to /var/squid/cache
2003/03/28 03:38:37| Loaded Icons.
2003/03/28 03:38:37| Accepting HTTP connections at 127.0.0.1, port 3128, FD 10.
2003/03/28 03:38:37| Accepting ICP messages at 0.0.0.0, port 3130, FD 11.
2003/03/28 03:38:37| WCCP Disabled.
2003/03/28 03:38:37| Ready to serve requests.
2003/03/28 03:39:03| Done scanning /var/squid/cache swaplog (0 entries)
2003/03/28 03:39:03| Finished rebuilding storage from disk.
2003/03/28 03:39:03|         0 Entries scanned
2003/03/28 03:39:03|         0 Invalid entries.
2003/03/28 03:39:03|         0 With invalid flags.
2003/03/28 03:39:03|         0 Objects loaded.
2003/03/28 03:39:03|         0 Objects expired.
2003/03/28 03:39:03|         0 Objects cancelled.
2003/03/28 03:39:03|         0 Duplicate URLs purged.
2003/03/28 03:39:03|         0 Swapfile clashes avoided.
2003/03/28 03:39:03|   Took 26.9 seconds (   0.0 objects/sec).
2003/03/28 03:39:03| Beginning Validation Procedure
2003/03/28 03:39:04|   Completed Validation Procedure
2003/03/28 03:39:04| Validated 0 Entries
2003/03/28 03:39:04| store_swap_size = 0k
2003/03/28 03:39:04| storeLateRelease: released 0 objects

Here is my pf.conf:
rdr on xl0 inet proto tcp from any to (xl0) port 80 -> 127.0.0.1 port 3128
pass in all
pass out all

Here is my squid.conf:
http_port 127.0.0.1:3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 64 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB

cache_dir ufs /var/squid/cache 2500 16 256
cache_access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log /var/squid/logs/store.log
hosts_file /etc/hosts

auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
http_access allow all
http_reply_access allow all
icp_access allow all
miss_access allow all
cache_mgr lrutledge@fairfield.lib.oh.us
httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

coredump_dir /var/squid/cache

The machine doesn't seem to be catching the port 80 traffic and redirecting to squid:
load averages: 0.10, 0.11, 0.13 05:00:39
39 processes: 2 running, 37 idle
Memory: Real: 35M/55M act/tot Free: 65M Swap: 0K/500M used/tot

  PID USERNAME PRI NICE  SIZE   RES STATE WAIT     TIME    CPU COMMAND
 9389 _x11       2    0 7156K 7336K sleep select   3:40  0.78% XFree86
12478 root       2    0 4524K 4820K idle  select   0:03  0.00% links
17810 root       2    0  896K 2428K sleep select   0:01  0.00% xterm
 1886 root       2    0 1704K 3204K sleep select   0:01  0.00% xterm
24756 root       2    0 4828K 4844K sleep poll     0:00  0.00% squid

Any thoughts? Any pointer would be greatly appreciated :)

Thanks,
Lincoln

Lincoln Rutledge
Information Technology Manager
Fairfield County District Library

Received on Fri Mar 28 13:32:04 2003
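
Added example, not part of the original post: the squid.conf above defines the Safe_ports, SSL_ports and CONNECT ACLs, but every access directive is `allow all`. The sketch below audits a config for that pattern; `audit` and `SAMPLE_CONF` are hypothetical names, and treating any directive whose second token is allow/deny as an access rule is a simplifying assumption.

```python
# Added example (not from the post): flag allow-all access rules and unused ACLs.
# Constructed sample: a subset of the ACL and access lines from the posted squid.conf.
SAMPLE_CONF = """\
acl QUERY urlpath_regex cgi-bin \\?
no_cache deny QUERY
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 1025-65535  # unregistered ports
acl CONNECT method CONNECT
http_access allow all
http_reply_access allow all
icp_access allow all
miss_access allow all
"""

ANY_SRC = {"0.0.0.0/0.0.0.0", "0.0.0.0/0", "0/0"}  # src values that match every client

def audit(conf):
    """Return (directives whose first rule allows everyone, ACLs never referenced)."""
    acls = {}    # name -> (type, [values]); repeated 'acl NAME' lines accumulate
    rules = []   # (directive, action, [acl names]) in file order
    for raw in conf.splitlines():
        tok = raw.split("#", 1)[0].split()          # drop trailing comments
        if len(tok) >= 4 and tok[0] == "acl":
            acls.setdefault(tok[1], (tok[2], []))[1].extend(tok[3:])
        elif len(tok) >= 3 and tok[1] in ("allow", "deny"):
            rules.append((tok[0], tok[1], [t.lstrip("!") for t in tok[2:]]))
    # ACLs of type src that cover the whole address space
    any_acls = {n for n, (kind, vals) in acls.items()
                if kind == "src" and ANY_SRC & set(vals)}
    first = {}
    for directive, action, names in rules:
        first.setdefault(directive, (action, names))  # first matching rule decides
    open_directives = sorted(d for d, (action, names) in first.items()
                             if action == "allow" and set(names) <= any_acls)
    used = {n for _, _, names in rules for n in names}
    unused = sorted(set(acls) - used)
    return open_directives, unused

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```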

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:48:38 EDT

