[squid-users] D

From: Loc Blot <loic.blot_at_unix-experience.fr>
Date: Fri, 19 Apr 2013 16:33:42 +0200

Hi,
i'm using Squid 3.2.9 version and i want to explain you a configuration
check which is missing and generate a bug for transparent/intercept
configurations.

I was using this http_port configuration earlier:
http_port 3128
http_port 3128 intercept (and also test with transparent)

As i see, squid intercept/transparent mode doesn't work if the port is
the same. If we (auto)configure proxy, no problem, but with transparent
proxying, squid refuses connections and in intercept mode, 400: BAD URL
is returned.

For some specific applications, i need transparent proxying to work.
Then i tried to change intercept port to 3129. And there, it works !

If i try this configuration (only this line):
http_port 3128 intercept

Normal proxy traffic doesn't work anymore.

There is two possible cases to resolve this problem:
* Squid must understand if traffic is redirected or is a normal proxy
traffic on intercept listening port
* Squid must refuse configuration when same http_ports are declared with
different modes

For debugging purpose, here are my squid compile configuration:

Squid Cache: Version 3.2.9
configure options: '--enable-pf-transparent'
'--enable-follow-x-forwarded-for' '--with-large-files' '--enable-ssl'
'--disable-ipv6' '--enable-esi' '--enable-kill-parent-hack'
'--disable-snmp' '--with-pthreads' --enable-ltdl-convenience

Thanks for advance.

-- 
Best regards, 
Loïc BLOT, Engineering
UNIX Systems, Security and Networks
http://www.unix-experience.fr
Received on Fri Apr 19 2013 - 14:33:41 MDT

This archive was generated by hypermail 2.2.0 : Fri Apr 19 2013 - 12:00:06 MDT