[squid-users] squid "internal?" loop - with no firewall nat going on..?
Antony Stone
Antony.Stone at squid.open.source.it
Tue Mar 10 12:48:10 UTC 2015
On Tuesday 10 March 2015 at 13:29:15 (EU time), Klavs Klavsen wrote:
> Hi,
>
> I just setup a squid trying to get it to work in intercept mode.
Is it working correctly in non-intercept mode? It can be helpful to check the
simple setup first, and then try something more complex...
> When I access it via port 3129 (tried from both localhost and from
> another host - same problem) - using
>
> curl -H "Host: www.bt.dk" http://ip-of-squid-box/
Um, I don't see where you're telling curl to connect to port 3129 there (and
your subject line says you have no NAT in place).
> My config is:
> # predefined ACLs
> #acl localhost src 127.0.0.1 ::1
> #acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
So, you've disabled the definition of 'localhost', and then...
> # user-defined http_accesses
> http_access allow localnet
> http_access allow localhost
> http_access deny all
You're allowing from 'localnet' and 'localhost'...
You also say you're getting hundreds of 127.0.0.1 entries in the log output.
> # user-defined http_port
> http_port 3128
So, you're listening in proxy mode on port 3128 - does this work?
> http_port 3129 intercept
And you're also listening on 3129 in intercept mode - does a tcpdump (on all
interfaces, including lo) show any packets arriving on that port?
Regards,,
Antony.
--
There's no such thing as bad weather - only the wrong clothes.
- Billy Connolly
Please reply to the list;
please *don't* CC me.
More information about the squid-users
mailing list