Re: [squid-users] http CONNECT method with fwd proxy to content server on same subnet

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 15 May 2010 19:14:14 +1200

Quin Guin wrote:
> Hi,
>
> I have a new need for deploying squid in my environment and I have
> been trying to set it up but it is not working as expected. Please
> see my requirements below and I have tried this with both 2.7-stable9
> and 3.1.3 on CentOS4.6 64bit.
>
> I have a remote server sending a HTTP CONNECT to my server but my
> server can't handle an HTTP CONNECT. So I wanted to use squid to

Something is badly broken there. CONNECT is not a generic HTTP request
method. It is specifically for browser-to-proxy and proxy-to-proxy
communication.
  You should never receive it at a web server or web app interface.

> handle the CONNECT method and then send the https requests to my
> local server to handle the request. I know that a transparent proxy
> doesn't know how to handle the SSL requests because it is not operating

Yes, nor does it legally handle the CONNECT method, since interception
mode should only be handling valid web server interface methods.

> as a normal proxy. So I have been using squid as a fwd proxy but it
> keeps sending the http CONNECT method to my end server which is
> causing issues. So I am asking for ideas on what I need to look at
> to do this. I have tried various iptables rules and cache_peers but
> nothing seems to work. I am using pretty much the default config
> except for my local network IPs and ACL to allow the traffic.
>
> I would appreciate any ideas..

Do you have access or control to configure the remote server properly?

What is your current squid.conf configuration for http_port, http_access
and cache_peer rules?

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.3
Received on Sat May 15 2010 - 07:14:22 MDT
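
The point made in the reply above, that CONNECT belongs on a proxy port and not on a web server interface, shown as an added example that is not part of the original thread. It classifies a request line by its request-target form (RFC 7230 section 5.3) and rejects CONNECT unless the listener is a proxy; the role names "origin" and "proxy" and the sample lines are assumptions made for illustration.

```python
import re

# Constructed sample request lines (not taken from the thread).
SAMPLE_LINES = [
    "GET /index.html HTTP/1.1",
    "GET http://www.example.com/index.html HTTP/1.1",
    "CONNECT www.example.com:443 HTTP/1.1",
    "OPTIONS * HTTP/1.1",
    "CONNECT /index.html HTTP/1.1",
]

# host:port or [ipv6]:port, the only target CONNECT may carry.
AUTHORITY = re.compile(r"^(?:[A-Za-z0-9.\-]+|\[[0-9A-Fa-f:]+\]):\d{1,5}$")
SCHEME = re.compile(r"^[A-Za-z][A-Za-z0-9+.\-]*://")

def target_form(method, target):
    """Return the request-target form name, or 'invalid'."""
    if target == "*":
        return "asterisk-form" if method == "OPTIONS" else "invalid"
    if method == "CONNECT":
        return "authority-form" if AUTHORITY.match(target) else "invalid"
    if target.startswith("/"):
        return "origin-form"
    if SCHEME.match(target):
        return "absolute-form"
    return "invalid"

def check(request_line, role):
    """role: 'origin' (web server or intercepting port) or 'proxy'
    (forward-proxy port). Both names are hypothetical labels."""
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return ("invalid", "reject: malformed request line")
    method, target, _version = parts
    form = target_form(method, target)
    if form == "invalid":
        return (form, "reject: invalid request-target")
    if method == "CONNECT":
        # A tunnel request is only meaningful to a proxy.
        if role == "proxy":
            return (form, "tunnel")
        return (form, "reject: CONNECT is proxy-only")
    return (form, "ok")

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        for role in ("origin", "proxy"):
            print(f"{role:6} {line!r:50} -> {check(line, role)}")
```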
