[squid-users] Fwd: squid intercept config

Monah Baki monahbaki at gmail.com
Fri Mar 6 13:50:50 UTC 2015 

http://wiki.squid-cache.org/ConfigExamples/Intercept/FreeBsdPf

So something else is missing?

On Fri, Mar 6, 2015 at 8:47 AM, Yuri Voinov <yvoinov at gmail.com> wrote:

>  On proxy box.
>
> 06.03.15 19:47, monahbaki at gmail.com пишет:
>
> From squid or router?
>
>  Thanks
>
>  Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE
> network.
>    *From: *Yuri Voinov
> *Sent: *Friday, March 6, 2015 8:44 AM
> *To: *Monah Baki
> *Cc: *squid-users at lists.squid-cache.org
> *Subject: *Re: [squid-users] Fwd: squid intercept config
>
>  Ok.
>
> In this case this is NAT misconfiguration.
>
> You need to check it carefully.
>
> 06.03.15 19:43, Monah Baki пишет:
>
>  No other process on 80 is on the server. I also confirmed from the
> client side if he runs "telnet www.openbsd.org 80" on his desktop, he
> gets a response.
>
>  Thanks
>
> On Fri, Mar 6, 2015 at 8:28 AM, Yuri Voinov <yvoinov at gmail.com> wrote:
>
>>  Did you have another listening process on 80 port on your proxy box?
>>
>> I.e., web-server?
>>
>> 06.03.15 19:26, Monah Baki пишет:
>>
>>  I went and changed the 10.0.0.0/8 to 10.0.0.23, which is the client
>> station we are testing on, same results. Forward loop detected
>>
>>  Thanks
>>
>> On Fri, Mar 6, 2015 at 8:14 AM, Antony Stone <
>> Antony.Stone at squid.open.source.it> wrote:
>>
>>> On Friday 06 March 2015 at 14:03:28 (EU time), Monah Baki wrote:
>>>
>>> > Hi All,
>>> >
>>> > As an addition to my yesterday's issue,
>>> >
>>> > Tail -f cache.log, I am getting the following:
>>> >
>>> > 015/03/06 13:54:02| WARNING: Forwarding loop detected for:
>>>
>>> > Any ideas?
>>>
>>> Is your NAT rule catching the HTTP requests from the proxy itself (as
>>> well as
>>> the requests from the clients) and sending *everything* to the proxy
>>> (including the requests the proxy is trying to make out to the Internet)?
>>>
>>> I'm not an expert on Cisco or BSD, but it does strike me that your rule:
>>>
>>> rdr pass inet proto tcp from 10.0.0.0/8 to any port 80 -> 10.0.0.24
>>> port 3129
>>>
>>> looks like it will match requests from the proxy's address 10.0.0.24 as
>>> well
>>> as all the clients...
>>>
>>> Try adding an exception in before the NAT rule, saying "traffic from
>>> 10.0.0.24
>>> should not be NATted".
>>>
>>>
>>> Regards,
>>>
>>>
>>> Antony.
>>>
>>> --
>>> "Once you have a panic, things tend to become rather undefined."
>>>
>>>  - murble
>>>
>>>                                                    Please reply to the
>>> list;
>>>                                                          please *don't*
>>> CC me.
>>>  _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> http://lists.squid-cache.org/listinfo/squid-users
>>>
>>
>>
>>
>> _______________________________________________
>> squid-users mailing listsquid-users at lists.squid-cache.orghttp://lists.squid-cache.org/listinfo/squid-users
>>
>>
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>>
>>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150306/56777ad0/attachment-0001.html>

More information about the squid-users mailing list