<div dir="ltr"><div>here is my squid.conf <a href="http://pastebin.com/raw/9BTcpVkL">http://pastebin.com/raw/9BTcpVkL</a></div><div><br></div>Here is what log looks like when i grep packates from Apple Devices when app store is opened.<div><br></div><div><div>1486551793.635 742 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://17.110.234.27:443">17.110.234.27:443</a> - ORIGINAL_DST/<a href="http://17.110.234.27">17.110.234.27</a> -</div><div>1486551796.343 30610 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://104.113.210.17:443">104.113.210.17:443</a> - HIER_NONE/- -</div><div>1486551796.343 30605 192.168.1.12 TCP_TUNNEL/200 30574 CONNECT <a href="http://init.itunes.apple.com:443">init.itunes.apple.com:443</a> - ORIGINAL_DST/<a href="http://104.113.210.17">104.113.210.17</a> -</div><div>1486551799.097 30326 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://104.113.210.17:443">104.113.210.17:443</a> - HIER_NONE/- -</div><div>1486551799.097 30324 192.168.1.12 TCP_TUNNEL/200 30584 CONNECT <a href="http://init.itunes.apple.com:443">init.itunes.apple.com:443</a> - ORIGINAL_DST/<a href="http://104.113.210.17">104.113.210.17</a> -</div><div>1486551799.502 726 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://17.110.234.27:443">17.110.234.27:443</a> - ORIGINAL_DST/<a href="http://17.110.234.27">17.110.234.27</a> -</div><div>2017/02/08 16:33:19 kid1| SECURITY ALERT: Host header forgery detected on local=<a href="http://17.173.66.101:443">17.173.66.101:443</a> remote=<a href="http://192.168.1.12:53158">192.168.1.12:53158</a> FD 477 flags=33 (local IP does not match any domain IP)</div><div>1486551805.013 59549 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://17.110.234.27:443">17.110.234.27:443</a> - ORIGINAL_DST/<a href="http://17.110.234.27">17.110.234.27</a> -</div><div>2017/02/08 16:33:33 kid1| SECURITY ALERT: Host header forgery detected on local=<a href="http://104.113.210.17:443">104.113.210.17:443</a> remote=<a href="http://192.168.1.12:53159">192.168.1.12:53159</a> FD 659 flags=33 (local IP does not match any domain IP)</div><div>1486551826.441 57130 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://17.173.66.96:443">17.173.66.96:443</a> - HIER_NONE/- -</div><div>1486551826.441 57052 192.168.1.12 TCP_TUNNEL/200 6671 CONNECT <a href="http://pd-st.itunes.apple.com:443">pd-st.itunes.apple.com:443</a> - ORIGINAL_DST/<a href="http://17.173.66.96">17.173.66.96</a> -</div><div>1486551852.061 211 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://104.113.210.11:443">104.113.210.11:443</a> - ORIGINAL_DST/<a href="http://104.113.210.11">104.113.210.11</a> -</div><div>1486551852.434 216 192.168.1.12 TCP_MISS/200 7010 GET <a href="https://configuration.apple.com/configurations/internetservices/cloudkit/cloudkit-1.0.plist">https://configuration.apple.com/configurations/internetservices/cloudkit/cloudkit-1.0.plist</a> - ORIGINAL_DST/<a href="http://104.113.210.11">104.113.210.11</a> text/xml</div><div>1486551881.425 234 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://17.252.172.5:443">17.252.172.5:443</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551881.791 130 192.168.1.12 TCP_MISS_ABORTED/200 620 ACE <a href="https://guzzoni.apple.com/ace">https://guzzoni.apple.com/ace</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551882.684 207 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://17.252.172.5:443">17.252.172.5:443</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551882.829 348 192.168.1.12 TCP_REFRESH_MODIFIED/200 415 HEAD <a href="http://www.apple.com/">http://www.apple.com/</a> - ORIGINAL_DST/<a href="http://104.113.211.46">104.113.211.46</a> text/html</div><div>1486551882.859 68 192.168.1.12 TCP_MISS/200 101 HEAD <a href="https://guzzoni.apple.com/salt">https://guzzoni.apple.com/salt</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551883.004 207 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://17.252.172.5:443">17.252.172.5:443</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551883.083 67 192.168.1.12 TCP_MISS/406 133 HEAD <a href="https://guzzoni.apple.com/ace">https://guzzoni.apple.com/ace</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551884.123 202 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://17.252.172.5:443">17.252.172.5:443</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551884.301 81 192.168.1.12 TCP_MISS_ABORTED/200 622 ACE <a href="https://guzzoni.apple.com/ace">https://guzzoni.apple.com/ace</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551886.908 43 192.168.1.12 TCP_REFRESH_MODIFIED/200 415 HEAD <a href="http://www.apple.com/">http://www.apple.com/</a> - ORIGINAL_DST/<a href="http://104.113.211.46">104.113.211.46</a> text/html</div><div>1486551887.085 207 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://17.252.172.5:443">17.252.172.5:443</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551887.168 67 192.168.1.12 TCP_MISS/406 133 HEAD <a href="https://guzzoni.apple.com/ace">https://guzzoni.apple.com/ace</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551887.310 200 192.168.1.12 TAG_NONE/200 0 CONNECT <a href="http://17.252.172.5:443">17.252.172.5:443</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div><div>1486551887.416 68 192.168.1.12 TCP_MISS/200 101 HEAD <a href="https://guzzoni.apple.com/salt">https://guzzoni.apple.com/salt</a> - ORIGINAL_DST/<a href="http://17.252.172.5">17.252.172.5</a> -</div></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Feb 8, 2017 at 12:35 AM, Hardik Dangar <span dir="ltr"><<a href="mailto:hardikdangar+squid@gmail.com" target="_blank">hardikdangar+squid@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div style="font-size:12.8px">Hello,</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">Here is some information about my squid version,</div><div style="font-size:12.8px"><br></div><div style="font-size:12.8px">Squid Cache: Version 3.5.23<br></div><div style="font-size:12.8px">Service Name: squid</div><div style="font-size:12.8px">configure options: '--prefix=/usr' '--localstatedir=/var/squid' '--libexecdir=/lib/squid' '--srcdir=.' '--datadir=/share/squid' '--sysconfdir=/etc/squid' '--with-default-user=proxy' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid<wbr>.pid' '--with-openssl' '--enable-ssl-crtd' '--enable-inline' '--disable-arch-native' '--enable-async-io=8' '--enable-storeio=ufs,aufs,dis<wbr>kd,rock' '--enable-removal-policies=lru<wbr>,heap' '--enable-delay-pools' '--enable-follow-x-forwarded-f<wbr>or' '--enable-url-rewrite-helpers=<wbr>fake' '--enable-ecap'</div><div><br></div><div><br></div><div>We are running squid as transparent proxy and have certs installed in all systems. Until recently all our systems were ubuntu or windows. Recently we added mac os Seirra and the biggest issue we had with mac is even after installing certificates. Few apps have problems.</div><div><br></div><div>Our biggest problem is Itunes Store. It just doesn't work for some reason. if we check the log we get random ip's trying to connect via 443 port but it doesn't connect.</div><div>Also Skype for Mac does not work. strangely this works for windows and ubuntu in our network. Again we see the same behavior.</div><div><br></div><div>both of these apps does not work even in Iphone and Ipad.</div><div><br></div><div>I believe someone must be able to configure transparent squid with Mac. can anyone tell me if i need to do anything extra for Mac setup.</div></div>
</blockquote></div><br></div>