[squid-users] squid + privoxy = Unable to forward request

Yan Seiner yan at seiner.com
Wed Apr 29 16:34:23 UTC 2015 

ARGHHH!!!!

Never mind.

Somehow I had managed to insert single quotes around the cache_peer 
arguments.

cache_peer '127.0.0.1 parent 8118 0 no-query no-digest'

I've removed the single quotes and all is well.

On 04/29/2015 09:24 AM, Yan Seiner wrote:
> I am migrating a previous installation to new hardware and updated 
> versions.
>
> I use squid + privoxy, with privoxy being the parent.
>
> Privoxy listens on port 8118 and squid on 3128 on the same hardware.
>
> Each proxy works fine on its own.  I can test them individually and 
> both proxy correctly.
>
> However, when I add the cache_peer directive, I get the "Unable to 
> forward request" from squid.
>
> I have tried this with both localhost (127.0.0.1) and the eth address 
> 192.168.5.1.  Both result in the same error.
>
> I have disabled the firewall for testing and tried to set up the ACLs 
> to allow everyone from everywhere, and still the error persists.  The 
> logs show no errors.  The squid logs show the request being received, 
> but the privoxy logs don't show any requests hitting it from the squid 
> proxy.
>
> squid.conf:
>
> visible_hostname ap1.seiner.com
> cache_effective_user nobody
> cache_effective_group nogroup
> cache_dir ufs /cache 4096 16 256
>
> cache_peer '127.0.0.1 parent 8118 0 no-query no-digest'
> never_direct allow all
>
> acl localnet src 10.0.0.0/8
> acl localnet src 172.16.0.0/12
> acl localnet src 192.168.0.0/16
> acl localnet src fc00::/7
> acl localnet src fe80::/10
>
> acl ssl_ports port 443
>
> acl safe_ports port 80
> acl safe_ports port 21
> acl safe_ports port 443
> acl safe_ports port 70
> acl safe_ports port 210
> acl safe_ports port 1025-65535
> acl safe_ports port 280
> acl safe_ports port 488
> acl safe_ports port 591
> acl safe_ports port 777
> acl connect method connect
>
> http_access deny !safe_ports
> http_access deny connect !ssl_ports
>
> http_access allow localhost manager
> http_access deny manager
>
> http_access deny to_localhost
>
> http_access allow localnet
> http_access allow localhost
>
> http_access deny all
>
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
> refresh_pattern . 0 20% 4320
>
> debug_options ALL,1
> access_log stdio:/var/log/squid.access.log
> cache_log stdio:/var/log/squid.cache.log
> cache_store_log /dev/null
> logfile_rotate 0
>
> logfile_daemon /dev/null
> http_port 3128
> coredump_dir /tmp/squid
> pinger_enable off
>
> privoxy.conf:
>
> confdir    /etc/privoxy
> logdir    /var/log
> logfile    privoxy.log
> filterfile    default.filter
> actionsfile    match-all.action
> actionsfile    default.action
> listen-address    127.0.0.1:8118
> toggle    1
> enable-remote-toggle    1
> enable-remote-http-toggle    0
> enable-edit-actions    1
> enforce-blocks    0
> buffer-limit    4096
> forwarded-connect-retries    0
> accept-intercepted-requests    0
> allow-cgi-request-crunching    0
> split-large-forms    0
> keep-alive-timeout    300
> socket-timeout    300
> debug    512
> debug    4096
> debug    8192
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

More information about the squid-users mailing list