Re: [squid-users] Unable to make Squid work as a transparent proxy (Squid 3.1.7, Linux Debian, WCCP2)

From: Amos Jeffries <>
Date: Tue, 09 Nov 2010 18:57:53 +1300

On 09/11/10 00:11, Leonardo wrote:
> Hi Amos,
> On Sun, Nov 7, 2010 at 5:12 AM, Amos Jeffries<> wrote:
>> http_port 3128 intercept
> I have changed the config from "http_port 3128 transparent" to
> "http_port 3128 intercept", but I see no change in the behaviour.
>> You will also need a separate port for the normal browser-configured and
>> management requests. 3.1 will reject these if sent to a NAT interception
>> port.
> I don't get this. Could you please be so kind to explain, or to point
> me to a page in the documentation?

Ah, sorry I was mixing up me modes and versions. The statement was wrong
about the rejections. It's just a LAN-wide exploitable security hole.

>> Also check the squid access.log. This will determine whether it is the ASA
>> side or the Internet side of Squid which then needs to be tcpdumped for port
>> 80 to find out whats going on.
> The file access.log is empty.

So the ASA side. Now you know were to look for the mysterious missing


Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.9
   Beta testers wanted for
Received on Tue Nov 09 2010 - 05:57:56 MST

This archive was generated by hypermail 2.2.0 : Tue Nov 09 2010 - 12:00:02 MST