Simon,
have you try using this setting :
#1) httpd_accel <your ip gateway> <proxy port>
#2) httpd_accel_uses_host_header on
#3) httpd_accel_with_proxy on
the key is on the line #1 and #2, httpd accel is not run on the virtual mode
(that's right), but running using the host header forwarding (only support HTTP
1.1), although this mode is not so secure and have a limited capability, but this
system can work :) . We've do that using similar system like yours, we're using
solaris 2.5.1, IP filter 3.2.7 and Cisco 7500, it's work great!. But then i've
got the problem too, about the memory leak and malloc problem, my memory can
decrease for about 200MB to 20MB for only 5 minutes running the squid !!!
Ery Punta
Simon Richards wrote:
> First my setup:
>
> Cisco 2509 running IOS 11.2
> PC running Linux 2.0.34
> Squid 1.NOVM.20 running on port 8080, httpd_accel is virtual 8080
> ipfwadm 2.3.0
>
> I have read through umpteen pages of information on the subject of
> Transparent Proxies, however so far the following problem has not been
> listed:
>
> To my knowledge I have everything configured up correctly, I am using the
> suggested configuration settings from the squid FAQ. (Except for the
> proxy port number :-) Particulary the section dealing with Cisco's and
> Linux.
>
> When a user has not got proxy settings set in their browser squid tells
> them that they are unable to connect to the remote host. After further
> investigation I discovered that an address eg http://203.55.198.1 was
> getting :8080 appended to it. So of course when squid tried contacting the
> remote host it was failing because web servers run on port 80 (typically)
>
> Web sites within our own network are just fine, which is per normal when
> you have set up local_domains and local_ips in the squid.conf
>
> Now when users have the proxy settings configured in their web browser
> they encounter no problems whatsoever and there is no :8080 appended.
>
> I have made the required alterations to my kernel and recompiled it, made
> the changes to squid and restarted it, and the Cisco accepts commands on
> the fly.
>
> This problem has me extremely puzzled, my guess is it has something to do
> with ipfwadm.
>
> Any help would be greatly appreciated.
>
> Regards,
> Simon Richards
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Simon Richards
>
> eMail: dragon@wair.com.au "Practice random acts of kindness
> UIN: 268947 and senseless acts of beauty."
>
> Visit the Western Australian Information Resource
> http://www.wair.com.au
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Received on Tue Jun 09 1998 - 09:15:11 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:40 MST