[squid-users] transparent proxy original_dst err
Yuri Voinov
yvoinov at gmail.com
Tue Apr 21 11:12:52 UTC 2015
So, what?
What's the problem?
21.04.15 16:44, jaykbvt пишет:
> Hi,
> My squid is configured in interception mode with
>
> http_port 3130
> http_port 3129 intercept
>
> squid is running with single network card. request comes from the Cisco ISG
> and internet is also allowed from the same Cisco ISG only.
>
> IPtables has been configured with following
> squidip = 10.58.200.33
> squid port = 3129
> ====================
> iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to
> 10.58.200.33:3129
> ====================
>
> Have also tried setting up config suggested at squid docs
>
> DNAT - http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat
> Redirect -
> http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect
>
>
> But in all three setup I am getting
>
> I'm getting following entries in my access.log file...
>
> ==========================================================
> 1429610951.208 309 10.210.83.249 TCP_MISS/503 3808 GET
> http://www.wikipedia.org/ - ORIGINAL_DST/10.58.200.33 text/html
> 1429611003.025 5 10.210.83.249 TCP_MISS/503 3808 GET
> http://www.wikipedia.org/ - ORIGINAL_DST/10.58.200.33 text/html
> 1429611620.888 306 10.210.83.249 TCP_MISS/503 3808 GET
> http://www.wikipedia.org/ - ORIGINAL_DST/10.58.200.33 text/html
> 1429611625.952 4 10.210.83.249 TCP_MISS/503 3808 GET
> http://www.wikipedia.org/ - ORIGINAL_DST/10.58.200.33 text/html
> ==========================================================
>
> Given bellow are entries in cache.log
>
> +++++++++++++++++++++++++++++++++++
> 2015/04/21 15:50:20.576 kid1| client_side.cc(3412) httpAccept:
> local=10.58.200.33:80 remote=10.210.83.249:3375 FD 10 flags=33: accepted
> 2015/04/21 15:50:20.576 kid1| client_side.cc(258) readSomeData:
> local=10.58.200.33:80 remote=10.210.83.249:3375 FD 10 flags=33: reading
> request...
> 2015/04/21 15:50:20.581 kid1| client_side.cc(2322) parseHttpRequest:
> parseHttpRequest: req_hdr = {Host: www.wikipedia.org
> User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:35.0) Gecko/20100101
> Firefox/35.0
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language: en-US,en;q=0.5
> Accept-Encoding: gzip, deflate
> Connection: keep-alive
>
> }
> 2015/04/21 15:50:20.581 kid1| client_side.cc(2326) parseHttpRequest:
> parseHttpRequest: end = {
> }
> 2015/04/21 15:50:20.581 kid1| client_side.cc(2330) parseHttpRequest:
> parseHttpRequest: prefix_sz = 284, req_line_sz = 16
> 2015/04/21 15:50:20.582 kid1| client_side.cc(925) clientSetKeepaliveFlag:
> clientSetKeepaliveFlag: http_ver = 1.1
> 2015/04/21 15:50:20.582 kid1| client_side.cc(927) clientSetKeepaliveFlag:
> clientSetKeepaliveFlag: method = GET
> 2015/04/21 15:50:20.582 kid1| client_side_request.cc(1691) doCallouts: Doing
> calloutContext->hostHeaderVerify()
> 2015/04/21 15:50:20.583 kid1| client_side.cc(258) readSomeData:
> local=10.58.200.33:80 remote=10.210.83.249:3375 FD 10 flags=33: reading
> request...
> 2015/04/21 15:50:20.884 kid1| client_side_request.cc(1698) doCallouts: Doing
> calloutContext->clientAccessCheck()
> 2015/04/21 15:50:20.884 kid1| AccessCheck.cc(32) Start: adaptation off,
> skipping
> 2015/04/21 15:50:20.884 kid1| client_side_request.cc(1727) doCallouts: Doing
> calloutContext->clientAccessCheck2()
> 2015/04/21 15:50:20.884 kid1| client_side_request.cc(1746) doCallouts: Doing
> clientInterpretRequestHeaders()
> 2015/04/21 15:50:20.885 kid1| client_side_request.cc(1835) doCallouts:
> calling processRequest()
> 2015/04/21 15:50:20.888 kid1| client_side.cc(1626) keepaliveNextRequest:
> ConnnStateData(local=10.58.200.33:80 remote=10.210.83.249:3375 FD 10
> flags=33), Context(local=10.58.200.33:80 remote=10.210.83.249:3375 FD 10
> flags=33)
> 2015/04/21 15:50:20.888 kid1| client_side_request.cc(265)
> ~ClientHttpRequest: httpRequestFree: http://www.wikipedia.org/
> 2015/04/21 15:50:20.888 kid1| client_side.cc(1696) keepaliveNextRequest:
> local=10.58.200.33:80 remote=10.210.83.249:3375 FD 10 flags=33: calling
> conn->readNextRequest()
> 2015/04/21 15:50:23.401 kid1| client_side.cc(2492) connFinishedWithConn:
> local=10.58.200.33:80 remote=10.210.83.249:3375 FD 10 flags=33 closed
> 2015/04/21 15:50:23.401 kid1| client_side.cc(864) swanSong:
> local=10.58.200.33:80 remote=10.210.83.249:3375 flags=33
> 2015/04/21 15:50:23.401 kid1| client_side.cc(4644) unpinConnection:
> 2015/04/21 15:50:23.402 kid1| client_side.cc(895) ~ConnStateData:
> local=10.58.200.33:80 remote=10.210.83.249:3375 flags=33
> 2015/04/21 15:50:25.945 kid1| client_side.cc(3412) httpAccept:
> local=10.58.200.33:80 remote=10.210.83.249:3378 FD 10 flags=33: accepted
> 2015/04/21 15:50:25.946 kid1| client_side.cc(258) readSomeData:
> local=10.58.200.33:80 remote=10.210.83.249:3378 FD 10 flags=33: reading
> request...
> 2015/04/21 15:50:25.947 kid1| client_side.cc(2322) parseHttpRequest:
> parseHttpRequest: req_hdr = {Host: www.wikipedia.org
> User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:35.0) Gecko/20100101
> Firefox/35.0
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language: en-US,en;q=0.5
> Accept-Encoding: gzip, deflate
> Connection: keep-alive
>
> +++++++++++++++++++++++++++++++++++
>
>
>
>
>
> any idea how to resolve this.
>
> Thanks & Regards,
> Jaykbvt
>
>
>
>
> --
> View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/transparent-proxy-original-dst-err-tp4670846.html
> Sent from the Squid - Users mailing list archive at Nabble.com.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list