Hi I hope someone can help me!
I am running Squid 2.6.STABLE1 on Ubuntu Edgy 6.10 (Kernel 2.6.17-amd64).
Squid is listening on port 3328. I am in the process of changing servers
from Mandrake MNF, Kernel 2.4.18-8 with Squid 2.4.STABLE7. I want my
configurations to be exactly the same, so I have copied over lots of things
like my squid.conf and my firewall script. The configuration file I have
included currently works with my old server.
On my new Ubuntu server the squid program starts up OK. Oh, I also have
SquidGuard running.
This is the line in my firewall that redirects the HTTP requests from port
80 to port 3328:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j
REDIRECT --to-port 3328
When I comment out this line, clients on the LAN can get through to the
Internet. When the above line is implemented, we get the following error in
all browsers, to all hosts. ERR_INVALID_REQ
The following error was encountered:
Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:
Missing or unknown request method
Missing URL
Missing HTTP Identifier (HTTP/1.0)
Request is too large
Content-Length missing for POST or PUT requests
Illegal character in hostname; underscores are not allowed
Your cache administrator is webmaster.
Generated Wed, 28 Feb 2007 22:49:09 GMT by squid (squid/2.6.STABLE1)
Here is my squid.conf file, hoping it will help.
############################
http_port 3328
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \ ?
no_cache deny QUERY
cache_mem 16 MB
cache_dir diskd /var/spool/squid 1000 16 256
# Redirector
redirect_program /usr/local/bin/squidGuard -c /etc/squid/squidGuard.conf
redirect_children 32
half_closed_clients off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
# ACLs
acl Eth1 src 192.168.1.0/255.255.255.0
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports 280 488 591 777 22
acl CONNECT method CONNECT
acl PURGE method PURGE
# the below line is to set the local website not to cache
acl erc dstdomain .ercsarnia.ca
acl erc dstdomain .ercsarnia.com
always_direct allow erc
no_cache deny erc
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow Eth1
http_access allow PURGE localhost
http_access deny PURGE
http_access deny all
icp_access allow all
miss_access allow all
# The below line is for compatibility with Hotmail
# anonymize_headers deny Accept-Encoding # doesn't work with squid 2.6?
# user/group
cache_effective_user squid
cache_effective_group squid
visible_hostname squid
# Timeout settings
connect_timeout 2 minutes
request_timeout 30 seconds
# Customised error pages
err_html_text angela@lchras.ca # doesnt seem to work?
memory_pools off
######################################
Received on Thu Mar 01 2007 - 12:38:27 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 31 2007 - 13:00:01 MDT