[squid-users] Squid versions and FreeBSD-10.1 headache

Henrik Lidström freebsd at lidstrom.eu
Fri Jan 23 13:25:51 UTC 2015



On 01/23/15 14:13, Odhiambo Washington wrote:
> 
> 
> On 23 January 2015 at 15:47, Yuri Voinov <yvoinov at gmail.com
> <mailto:yvoinov at gmail.com>> wrote:
> 
> 
>     -----BEGIN PGP SIGNED MESSAGE-----
>     Hash: SHA1
>      
>     Once more. You CANNOT have neither web-server nor other service with
>     listening port 80 on the same host as transparent Squid proxy. This
>     is one and only reason you have looping.
> 
>     Look. On my transparent 3.4.11 (which was early 2.7) IPFilter
>     redirects 80 port to proxy. My web server on the same host listens
>     only 8080, 8088 and 8888 ports. No one service except NAT is using
>     80 port.
> 
>     And finally I have no looping 4 years.
> 
>     Obvious, is it?
> 
> 
> Not so obvious.
> 
> I have a several servers with Apache listening on 80,443 which don't
> have this problem!
> I can give you access to one of them to see for yourself if you need to
> believe.
> 
> Anyway, this still doesn't help me. After changing my apache to port
> 8080 and firing up squid-3.5.1, I get access denied for all
> requests: http://pastebin.com/1fMSE1U9
> 
> 
> 
> 
> -- 
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254733744121/+254722743223
> "I can't hear you -- I'm using the scrambler."
> 

My workaround at home (since Squid changed it's intercept/transparent
code a while back) is to rdr to a small squid server running on firewall
machine, then cache_peer all traffic to my real squid machine.

/Henrik



More information about the squid-users mailing list