[squid-users] ISSUE accssing content
Amos Jeffries
squid3 at treenet.co.nz
Fri Jul 24 21:29:41 UTC 2015
On 25/07/2015 6:57 a.m., Mike wrote:
> I see a few issues.
>
> 1. The report from the log shows a 192.168.*.* address, common LAN IP
>
> Then in the squid.conf:
> 2. You have wvdial destination as 10.1.*.* addresses, which is a
> completely different internal network.
> Typically there will be no internal routing or communication from a
> 192.168..*.* address to/from a 10.*.*.* address without a custom routing
> server with 2 network connections, one from each IP set and to act as
> the DNS intermediary for routing. Otherwise for network/internet
> connections, the computer/browser sees its own IP as local network, and
> everything else including 10.*.*.* as an external address out on the
> internet. I would suggest getting both the browsing computer and the
> server on the same IP subset, as in 192.168.122.x or 10.1.4.x, otherwise
> these issues are likely to continue.
WTF? Thats IPv4, no IP-range segmentation in that protocol except 127/8.
As long as a route exists 192.* can talk to 10.* no problems.
Also, he has indicated direct connectivity tests are working fine already.
Also, Squid is an application layer gateway. As long as Squid has access
to both networks it should be fine regardless of any obstructions direct
access might have. In fact its often used to get around that type of
problem, such as IPv4<->IPv6 translation.
>
> 3. Next in the squid.conf is http_port which should be port number only,
> no IP address, especially 0.0.0.0 which can cause conflicts with squid
> 3.x versions. Best bet is use just port only, as in: "http_port 3128" or
> in your case "http_port 8080", which is the port (with server IP found
> in ifconfig) the browser will use to connect through the squid server.
Nope again. The IP address is fine. In the case of 0.0.0.0 it forces
Squid to IPv4-only service on that port. Making way for another service
to run IPv6 in parallel with same ports. Or IPv6 clients to get rejected
at TCP level.
>From the logs presented we can see traffic arriving at Squid and being
serviced. Just not with the desired responses.
Amos
More information about the squid-users
mailing list