Re: squid+transparent proxy

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 10 Aug 1998 22:03:30 +0200

Evren Yurtesen wrote:
> now I have this problem, the machine is trying to connect to itself...

I think almost everyone who have tried to build a transparent proxy
setup have been bitten by this one.

Measures you can take:
* Deny Squid from fetching objects from itself (using ACL lists).
* Apply a small patch that prevents Squid from looping infinitely
(available from http://hem.passagen.se/hno/squid/)
* Don't run Squid on port 80, and redirect port 80 not destinated for
the local machine to Squid (redirection == ipfilter/ipfw/ipfadm). This
avoids the most common loops.
* If you are using ipfilter then you should also use transproxyd in
front of Squid. Squid does not yet know how to interface to ipfilter
(pathes are welcome: squid-bugs@ircache.net).

---
Sparetime Squid Hacker
Received on Tue Aug 11 1998 - 03:54:31 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:41:28 MST