[squid-users] Squid versions and FreeBSD-10.1 headache
Odhiambo Washington
odhiambo at gmail.com
Fri Jan 23 13:45:51 UTC 2015
On 23 January 2015 at 16:29, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 24/01/2015 2:13 a.m., Odhiambo Washington wrote:
> > On 23 January 2015 at 15:47, Yuri Voinov <yvoinov at gmail.com>
> > wrote:
> >
> >>
> >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
> >>
> >> Once more. You CANNOT have neither web-server nor other service
> >> with listening port 80 on the same host as transparent Squid
> >> proxy. This is one and only reason you have looping.
> >>
> >> Look. On my transparent 3.4.11 (which was early 2.7) IPFilter
> >> redirects 80 port to proxy. My web server on the same host
> >> listens only 8080, 8088 and 8888 ports. No one service except NAT
> >> is using 80 port.
> >>
> >> And finally I have no looping 4 years.
> >>
> >> Obvious, is it?
> >>
> >>
> > Not so obvious.
> >
> > I have a several servers with Apache listening on 80,443 which
> > don't have this problem! I can give you access to one of them to
> > see for yourself if you need to believe.
> >
> > Anyway, this still doesn't help me. After changing my apache to
> > port 8080 and firing up squid-3.5.1, I get access denied for all
> > requests: http://pastebin.com/1fMSE1U9
> >
>
>
> Aha, here is the heart of problem:
>
> 2015/01/23 15:59:34.455| client_side.cc(2320) parseHttpRequest: HTTP
> Client local=127.0.0.1:13128 remote=192.168.2.165:54234 FD 14 flags=33
>
>
> The local= value shows what the machine NAT system told Squid the
> original destination IP of the client connection was.
>
> Resulting in the to_localhost ACL denying the client access through
> the proxy.
>
>
So the simple solution would be to change what in my squid.conf -
http://pastebin.com/L16cDmRp
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
"I can't hear you -- I'm using the scrambler."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150123/727746de/attachment.html>
More information about the squid-users
mailing list