[squid-users] Squid configuration sanity check
Amos Jeffries
squid3 at treenet.co.nz
Wed May 16 12:33:56 UTC 2018
On 16/05/18 18:17, Alex K wrote:
> Hi again,
>
> With this config I get:
>
> ERROR: No forward-proxy ports configured.
>
> I am wondering if I could just add a dummy entry:
>
> http_port 3130
>
> to suppress this error.
>
> But not sure how this is useful when reading:
>
> https://wiki.squid-cache.org/KnowledgeBase/NoForwardProxyPorts
>
As the wiki page says Squid generates URLs sometimes which require the
client to contact the proxy directly for something(s). That cannot be
done through a port used for TPROXY or NAT interception traffic.
The port 3130 (if you choose that over the well-known 3128 port) should
not be a "dummy" that does nothing. Squid *will* open and listen for
traffic there. Clients will at times be told to fetch URLs from the
Squid machines public hostname at that port.
You can firewall the port off from all access if you really want to.
Just be aware that will add error messages about the proxy port not
being accessible to whatever problem the client is having that required
direct contact with Squid in the first place (usually trying to display
an error page).
Amos
More information about the squid-users
mailing list