[squid-users] ISSUE accssing content

Jagannath Naidu jagannath.naidu at fosteringlinux.com
Sat Jul 25 05:44:32 UTC 2015


Thanks mike.
But I think Amos is right.

On 25 July 2015 at 00:27, Mike <mcsnv96 at afo.net> wrote:

>  I see a few issues.
>
> 1. The report from the log shows a 192.168.*.* address, common LAN IP
>

The ip 192.168.122.1 is the ip address of  virtual interface (acts as a
default gateway for Virtual machines). I did NATing using iptables.

>
> Then in the squid.conf:
> 2. You have wvdial destination as 10.1.*.* addresses, which is a
> completely different internal network.
> Typically there will be no internal routing or communication from a
> 192.168..*.* address to/from a 10.*.*.* address without a custom routing
> server with 2 network connections, one from each IP set and to act as the
> DNS intermediary for routing. Otherwise for network/internet connections,
> the computer/browser sees its own IP as local network, and everything else
> including 10.*.*.* as an external address out on the internet. I would
> suggest getting both the browsing computer and the server on the same IP
> subset, as in 192.168.122.x or 10.1.4.x, otherwise these issues are likely
> to continue.
>

I have two squid servers.
1. squid 3.1 on physical server
2. squid 3.3 on VM hosted by 1

Same logs. No different results.

So when the client requests 8080 . 3.1 serves. When the client requests
3128 3.3 serves.
This application behavior is same for both.


>
> 3. Next in the squid.conf is http_port which should be port number only,
> no IP address, especially 0.0.0.0 which can cause conflicts with squid 3.x
> versions. Best bet is use just port only, as in: "http_port 3128" or in
> your case "http_port 8080", which is the port (with server IP found in
> ifconfig) the browser will use to connect through the squid server.
>

I tried your suggestion. But not worked. Same results :-(


> 4. The bypass local network means any IP connection attempt to a local
> network IP will not use the proxy. This goes back to the 2 different IP
> subsets. One option is to enter a proxy exception as 10.*.*.* (if the
> websense server is using 10.x.x.x IP address).
>

I was thinking, what would websense have deployed.

@amos, mike: Can we overwrite wpad of a client using squid server or any
means automatically ?????


>
> Mike
>

Jagannath Naidu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150725/8d8a595d/attachment.html>


More information about the squid-users mailing list