[squid-users] Avoiding incorrect URL interception from Roberto on 2011-01-20 (squid-users)

From: Roberto <mrgreiner_at_gmail.com>
Date: Thu, 20 Jan 2011 15:03:39 -0200

Hi,

I've just installed squid in a debian 5 machine, and most of what I want
is working, but I´m having one problem.

When someone searches for an URL that does not exist, most modern
browser get the DNS error and try searching google (or bing, or
whatever). But, with squid installed, the browser is instead getting
squid's message that the URL could not be retrieved. As a result, the
browsers do not try further to find the server.

An example: Without squid, if I type "squid" in Firefox's url bar, it
will not find a server, but will go to goolge, and find there squid's
page (ww.squid-cache.org). With squid, the browser is getting squid's
error page ("The requested URL could not be retrieved"), and stops.

Is there any way to avoid this behavior? To make squid not intercept
those "incorrect" URL's?

Thank you,

Roberto Greiner

Used setup: Debian 5.0.7, squid 3.0.stable8 from debian's repository,
client browsers manually configured to use the debian machine as proxy
(not using transparent proxy, yet). Configurations are mostly the
default one´s from debian´s repository, except increasing disk cache
somewhat. The setup below was extracted from the working setup with
'grep -vE "^#|^$" squid.conf' :
http_port 80
http_port 443
http_port 3128
http_port 8080
http_port 8443
hierarchy_stoplist cgi-bin ?
cache_dir ufs /var/spool/squid3 2048 32 512
access_log /var/log/squid3/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
cache_mgr nead-root_at_unesp.br
icp_port 3130
coredump_dir /var/spool/squid3
include /etc/squid3/squid.acl.config

squid.acl.config:
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 200.145.9.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
icp_access deny all
htcp_access deny all

-- 
   -----------------------------------------------------
                 Marcos Roberto Greiner
    Os otimistas acham que estamos no melhor dos mundos
     Os pessimistas tem medo de que isto seja verdade
                                   James Branch Cabell
   -----------------------------------------------------

Received on Thu Jan 20 2011 - 17:03:50 MST

This archive was generated by hypermail 2.2.0 : Thu Jan 20 2011 - 12:00:03 MST