Amos-
I applied that patch you sent over. I applied it against
squid-3.HEAD-20080721 and the build went fine. When I installed it and
did some testing this is what I observed trying to hit the url
http://www.cnn.com:
This testing was done with intercept removed and just tproxy directive
in the squid.conf.
cache.log:
2008/07/29 09:29:52| IPInterception.cc(171) NetfilterTransparent: NF
getsockopt(IP_TRANSPARENT) failed: (92) Protocol not available
access.log:
1217341792.820 0 10.48.1.198 NONE/400 1831 GET / - NONE/- text/html
Exact URL entered into IE7 on WindowsXP SP2 test machine:
http://www.cnn.com
Error on the client:
The following error was encountered while trying to retrieve the URL: /
Invalid URL
Some aspect of the requested URL is incorrect.
Some possible problems are:
Missing or incorrect access protocol (should be http:// or similar)
Missing hostname
Illegal double-escape in the URL-Path
Illegal character in hostname; underscores are not allowed.
It appears as though to much is being stripped from the URL. If I
renable both interception and tproxy in squid.conf, I get a working
system again, with this in cache.log:
2008/07/29 09:42:29| IPInterception.cc(137) NetfilterInterception: NF
getsockopt(SO_ORIGINAL_DST) failed: (11) Resource temporarily
unavailable
2008/07/29 09:42:29| IPInterception.cc(171) NetfilterTransparent: NF
getsockopt(IP_TRANSPARENT) failed: (92) Protocol not available
2008/07/29 09:42:50| commBind: Cannot bind socket FD 35 to
10.48.1.198:2173: (98) Address already in use
2008/07/29 09:42:50| comm.cc(1002) commResetFD: bind: (98) Address
already in use
2008/07/29 09:42:52| commBind: Cannot bind socket FD 30 to
10.48.1.198:2165: (98) Address already in use
2008/07/29 09:42:52| comm.cc(1002) commResetFD: bind: (98) Address
already in use
I noticed that there is a non-local bind setting in proc:
/proc/sys/net/ipv4/ip_nonlocal_bind should I set this to 1 or 0?
Received on Tue Jul 29 2008 - 14:45:32 MDT
This archive was generated by hypermail 2.2.0 : Tue Jul 29 2008 - 12:00:07 MDT