[squid-users] squid -> dansguardian -> squid

From: Brian Meyer <bmeyer@dont-contact.us>
Date: Fri, 15 Aug 2003 12:44:30 -0400

I have a proxy set up that has Dans and Squid on it. This setup works fine,
and for transparent proxying, the firewall redirects port 80 traffic to 8080
where Dans Guardian picks it up. DG then passes it to squid on port 3128
where it is proxied out to the internet. We need more control of our ACL's,
so we looked into setting up another instance of Squid before DG to handle
the ACL, and just let DG scan for content. We have successfully configured
the second copy of squid to listen on port 8081 and then send it's requests
on to DG at port 8080. If I configure a web browser to use a proxy server,
and point it to port 8081, everything works fine, but if I leave the web
browser configured for transparent access, and change the firewall redirect
to port 8081 instead of 8080, it breaks. In looking at the log files of the
first squid listening on port 8081, the requested url's are getting :8080
appended to the domain. It looks like this:

1060957931.194 40883 mhall.swmc.org TCP_MISS/000 0 GET
http://www.google.com:8080/ - FIRST_UP_PARENT/127.0.0.1 -
1060958054.025 137655 mhall.swmc.org TCP_MISS/504 1045 GET
http://ar.atwola.com:8080/image/93142556/1060958206/aim -
FIRST_UP_PARENT/127.0.0.1 -
1060960878.334 4116 mhall.swmc.org TCP_MISS/000 0 GET
http://www.google.com:8080/ - FIRST_UP_PARENT/127.0.0.1 -

I am trying to figure out why this is happening when we change the firewall
redirect, but not happening if we set the client browser to use a proxy at
port 8081. The squid line that we are using to send the requests on to DG
is:

cache_peer 127.0.0.1 parent 8080 0 no-query

and I have also played with the accel settings like tis:

httpd_accel_host 127.0.0.1
httpd_accel_port 8080

If I disable these 2 lines, then the log file only shows the url of the
request, the domain is getting stripped out.

Any help that anyone can provide would be greatly appreciated.

Brian Meyer
Received on Fri Aug 15 2003 - 10:44:36 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:55 MST