[squid-users] Squid 3.5.1 intercept / Forwarding loop detected for

naser sonbaty naser.sonbaty at gmail.com
Thu Feb 12 10:52:12 UTC 2015 

Hi guys,

I need your help with setting squid 3.5.1 with intercept.
My topolgy Clients PC <--> Router PC <--> SquidPC

Router:
Send trafic from 80 to squid 192.168.15.2:3129

my config:
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

http_access allow localhost manager
http_access deny manager

http_access allow localnet
http_access allow localhost

http_access deny all

http_port 127.0.0.1:3128
http_port 192.168.15.2:3129 intercept

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

coredump_dir /var/cache/squid/coredump_squid
pid_filename /var/run/squid.pid
access_log /var/log/squid/frontend.access.log
cache_log /var/log/squid/frontend.cache.log
cache_dir aufs /var/cache/squid/cache1 1024 128 128

I got following error:
1423737360.412      0 192.168.15.2 TCP_MISS/403 4256 GET
http://www.yahoo.com/ - HIER_NONE/- text/html
1423737360.412     18 10.0.0.7 TCP_MISS/403 4313 GET http://www.yahoo.com/
- ORIGINAL_DST/192.168.15.2 text/html
1423737360.426      0 192.168.15.2 TCP_MISS/403 4291 GET
http://www.squid-cache.org/Artwork/SN.png - HIER_NONE/- text/html
1423737360.426      1 10.0.0.7 TCP_MISS/403 4348 GET
http://www.squid-cache.org/Artwork/SN.png - ORIGINAL_DST/192.168.15.2
text/html

and log from cache:
2015/02/12 11:36:00 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://www.yahoo.com/
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like
Gecko/20100101 Firefox/12.0
Accept-Encoding: gzip, deflate
DNT: 1
Host: www.yahoo.com
Cookie: B=7938nbda0dlii&b=3&s=9t
Via: 1.1 proxy (squid/3.5.1)
X-Forwarded-For: 10.0.0.7
Cache-Control: max-age=259200
Connection: keep-alive


2015/02/12 11:36:00 kid1| WARNING: Forwarding loop detected for:
GET /Artwork/SN.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: http://www.yahoo.com/
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like
Gecko/20100101 Firefox/12.0
Accept-Encoding: gzip, deflate
DNT: 1
Host: www.squid-cache.org
Via: 1.1 proxy (squid/3.5.1)
X-Forwarded-For: 10.0.0.7
Cache-Control: max-age=259200
Connection: keep-alive

THX for helping
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150212/ac164259/attachment.html>

More information about the squid-users mailing list