[squid-users] Forwarding loop detected issue

From: Ricardo Nuno <ricardo.nuno_at_moonlight.pt>
Date: Tue, 3 Feb 2009 17:59:25 +0000 (WET)

Hi all,

I'm new to squid so bare with me. I just setup squid according to these instructions:
http://www.howtoforge.com/dansguardian-with-multi-group-filtering-and-squid-with-ntlm-auth-on-debian-etch-p2

The setup is working but my logs are fill with these errors for every connection:

2009/02/03 17:20:15| WARNING: Forwarding loop detected for:
Client: 127.0.0.1 http_port: 127.0.0.1:3128
GET internal://lis.moonlight.lan/squid-internal-periodic/store_digest HTTP/1.0
Accept: application/cache-digest
Accept: text/html
Via: 0.0 lis.moonlight.lan:3128 (squid/2.7.STABLE3)
X-Forwarded-For: unknown
Host: 127.0.0.1:8081
Authorization: Basic Kjpub3Bhc3N3b3Jk
Cache-Control: max-age=259200
Connection: Close

I know that these error is because of my cache_peer line iv been searching the web for the
solution of this issue and i tried to separate the configs of the 2 squid instances but wen
i did it the setup stop working.

Does this error will hurt the performance of Squid how can i fix it without breaking the
squi1+DG+squid2 setup?

regards,
--Ricardo

Squid Cache: Version 2.7.STABLE3
DansGuardian 2.8.0.6

My dansguardian.conf changes:

filterip =
filterport = 8081
proxyip = 127.0.0.1
proxyport = 3128
usernameidmethodproxyauth = on
forwardedfor = on

Below is my squid.conf:

http_port 127.0.0.1:3128 transparent
http_port 8080

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

cache_mem 1024 MB
maximum_object_size 8096 KB

cache_dir ufs /cache/squid 20000 16 256
access_log /var/log/squid/access.log squid

cache_peer 127.0.0.1 parent 8081 0 no-query login=*:nopassword

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 15
auth_param ntlm keep_alive on

auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Proxy Server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

acl NTLMUsers proxy_auth REQUIRED
acl rede_interna src 192.168.20.0/24
acl h_trabalho time MTWHF 08:00-18:00
acl downloads url_regex -i .exe .mp3 .vqf .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov .iso

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow localhost
http_access allow NTLMUsers

http_access deny all
http_reply_access allow all
icp_access allow all

forwarded_for off

cache_effective_user proxy
cache_effective_group proxy

coredump_dir /var/spool/squid
Received on Tue Feb 03 2009 - 17:59:35 MST

This archive was generated by hypermail 2.2.0 : Fri Feb 06 2009 - 12:00:02 MST