On 20/05/11 00:24, Boniforti Flavio wrote:
> Hello everybody.
>
> I ran out of space on my squid log directory because cache.log grew very
> fast filled by "forward loop detected" messages.
>
> I'm using my squid as a transparent proxy.
>
> What does that forward loop mean
Your squid is sending requests out which subsequently arrive back to it.
> and how could it happen? I've noticed
Most likely your NAT rules are broken. Packets leaving Squid MUST NOT be
sent back to Squids listening port.
Or maybe the requests are for a domain which is pointing at your Squid
with its IPs.
> that the originating IP was from a PC I had in my LAN which was infected
> with some sort of mal-/spy-ware...
Or some attempted attack which is being short-circuited by setting the
attackers domain to point at 0.0.0.0 or 127.0.0.1. In which case
"http_access deny to_localhost" with the default definition of
to_localhost should block it before looping.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.12 Beta testers wanted for 3.2.0.7 and 3.1.12.1Received on Thu May 19 2011 - 14:52:16 MDT
This archive was generated by hypermail 2.2.0 : Thu May 19 2011 - 12:00:02 MDT