[Chilli] Coovachilli and Squid Transparent on the same host
Mohsen Saeedi
mohsen.saeedi at gmail.com
Wed May 16 18:53:02 UTC 2012
I know coova works with pcap. and kmod-coova is in experimental state
and it doesn't do anything now.
I have some idea. do can we replace pcap with pf_ring? pf_ring is very
faster than pcap. I think 100 or 1000 times faster.
do coova uses pcap for forwarding traffic to squid? which library or
technique it use to do this task.
Thanks
/*Venkatesh K <kaevee at gmail.com>*/ wrote on Thu, 17 May 2012 00:19:29 +0530:
> Hi you need to set
>
> HS_POSTAUTH_PROXY=<host or ip>
> HS_POSTAUTH_PROXYPORT=<port>
>
> I have't done any performance comparision with iptables forwarding. I
> believe coova-chilli forwarding directly to proxy should not have any
> performance impact. I could be wrong.
>
> Venkatesh. K
>
>
> On Thu, May 17, 2012 at 12:11 AM, Mohsen Saeedi
> <mohsen.saeedi at gmail.com <mailto:mohsen.saeedi at gmail.com>> wrote:
>
> Hi
>
> Thanks. i'm going to set as you said. which parameter, should i
> set on defaults config file for chilli?
>
> Do you know about performance? do you compare proxy/port solution
> with iptables rules solution?
>
>
> Thanks
>
>
> /*Venkatesh K <kaevee at gmail.com <mailto:kaevee at gmail.com>>*/ wrote
> on Wed, 16 May 2012 23:31:00 +0530:
>
> Hi,
>
> You don't need to setup any iptables rules. As long as you
> have configured Squid as transparent proxy and setup
> proxy/port in Coova Chilli config, it will work. The proxy can
> exist in same server.
>
> Regards,
>
> Venkatesh. K
>
>
> On Wed, May 16, 2012 at 11:19 PM, Germano Paciocco
> <germano.paciocco at gmail.com
> <mailto:germano.paciocco at gmail.com>
> <mailto:germano.paciocco at gmail.com
> <mailto:germano.paciocco at gmail.com>>> wrote:
>
> Hi all.
> I'm tryng to setup a Coovachilli installation with the same
> server
> of a transparent squid proxy. I read this thread
> http://lists.coova.org/pipermail/chilli/2010-April/001315.html,
> and it reports that HS_POSTAUTH_PROXY and HS_POSTAUTH_PROXYPORT
> are only for upstream (external?) proxies, is ti true? I
> read that
> in prior versions of Coovachilli there were HS_PROXY and
> HS_PROXYPORT that maybe would have worked in my scenario:
> are they
> unsupported on later versions?
>
> If firewall rules are the only solution, anyone can help me
> with
> iptables to do the same job? I need all traffic of
> authenticated
> session should pass through a squid proxy listening on
> 127.0.0.1... I tried some simple rule, and I can't get packets
> forwarded to the listening proxy, that I checked working on
> localhost:3128.
>
> It seems that Daniel Berteaud, on the last post to the thread i
> linked before, posted his script, but I can't find it attached!
>
> Thank you very much... kind regards!
>
> -- GP
>
> _______________________________________________
> Chilli mailing list
> Chilli at coova.org <mailto:Chilli at coova.org>
> <mailto:Chilli at coova.org <mailto:Chilli at coova.org>>
> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>
>
>
>
>
> _______________________________________________
> Chilli mailing list
> Chilli at coova.org <mailto:Chilli at coova.org>
> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>
> _______________________________________________
> Chilli mailing list
> Chilli at coova.org <mailto:Chilli at coova.org>
> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>
>
>
>
> _______________________________________________
> Chilli mailing list
> Chilli at coova.org
> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
More information about the Chilli
mailing list