[squid-users] squid intercept config
Monah Baki
monahbaki at gmail.com
Sat Mar 7 13:46:45 UTC 2015
Thanks Amos and everyone who helped me,
Will revert to client to check his Cisco device, I been banging my head for
days now troubleshooting the proxy.
He's running an old cisco hardware and IOS too.
On Sat, Mar 7, 2015 at 8:24 AM, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> On 8/03/2015 1:09 a.m., Monah Baki wrote:
> > Forgot to paste my test.
> >
> > Basically from my squid server:
> > root at ISN-PHC-CACHE:/cache/squid/bin # ./squidclient -h www.cnn.com -H
> > 'Host: www.cnn.com\n' -p 80
> > HTTP/1.1 302 Found
> > Server: Varnish
> > Retry-After: 0
> > Content-Length: 0
> > Location: http://edition.cnn.com80
>
> Um, that redirect URL is invalid. This Varnish is outputting garbage.
>
>
> However, this test result does prove that output traffic from your Squid
> should be fine. The test connecting to your port 3128 should confirm
> that by getting the same or very similar result for normal traffic.
>
>
> So the problem is on the input. It could still be at the client end, or
> in the NAT redirection.
>
> One thing I've not seen clarified in the discussion is which machine the
> NAT rules have been placed (Squid box? or router?). Sorry if I missed that.
> The NAT operation MUST be done on the Squid box or the local machines
> NAT system tells it the client was connecting to connect to
> itself/Squid:3129 (which is the forwarding loop).
>
> The router looks liek a Cisco device, so it must do L2 routing
> redirection or WCCP to deliver packets to the Squid machine without
> having altered their IP:port details in any way.
>
> Amos
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150307/739643ef/attachment.html>
More information about the squid-users
mailing list