The issue if was not understood was not about the localhost acl..
The issue was maybe another thing which is the global name of the proxy
as localhost.
And I think it's a server issue rather then squid issue.
When I have tried with proxy v 3.1.20 it worked only when froward_for
header was on.
on 3.3.8 it worked for me like a charm with no problem at all in any stage.
it might be an issue:
2013/09/23 07:06:05.957| parseHttpRequest: Request Header is
Host: www.zrsr.sk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:23.0) Gecko/20100101
Firefox/23.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: ASP.NET_SessionId=k0xeysegazsgtq01a34a2gty
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
2013/09/23 07:06:05.957| client_side.cc(2171) parseHttpRequest: repare
absolute URL from
HttpMsg::parse success (160 bytes) near 'HTTP/1.1 400 Bad Request
Content-Type: text/html
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Date: Mon, 23 Sep 2013 04:06:09 GMT
Content-Length: 11
Bad Request'
2013/09/23 07:06:06.034| 0x7fa84362f200 joining for id 61
in squid 3.3.8 I get:
2013/09/23 07:09:05.966 kid1| http.cc(2205) sendRequest: HTTP Server
REQUEST:
---------
GET / HTTP/1.1
Host: www.zrsr.sk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:23.0) Gecko/20100101
Firefox/23.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: ASP.NET_SessionId=k0xeysegazsgtq01a34a2gty
Cache-Control: max-age=259200
Connection: keep-alive
----------
---------
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 23 Sep 2013 04:09:51 GMT
Content-Length: 5103
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML lang="sk">
<HEAD>
<title>ŽIVNOSTENSKÝ REGISTER SLOVENSKEJ REPUBLIKY</title>
<meta content="Microsoft Visual Studio.NET 7.0" name="GENERATOR">
<meta content="Visual Basic 7.0" name="CODE_LANGUAGE">
<meta content="JavaScript" name="vs_defaultClientScript">
<meta content="http://schemas.microsoft.com/intellisense/ie5"
name="vs_targetSchema">
<LINK href="Styles.css" type="text/css" rel="stylesheet">
</HEAD>
<body>
<form method="post" action="" id="Form1">
<div class="aspNetHidden">
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE"
value="/wEPDwULLTE0NTgwMDY1NDUPZBYCAgEPZBYOAgEPZBYCAgEPFgIeCWlubmVyaHRtbAUwxb1JVk5PU1RFTlNLJiMyMjE7IFJFR0lTVEVSIFNMT1ZFTlNLRUogUkVQVUJMSUtZZAIEDxYCHwAFEVZ5aMS+YWRhxaUgcG9kxL5hZAIGDw8WAh4EVGV4dAUEScSMT2RkAggPDxYCHwEFEG9iY2hvZG7DqWhvIG1lbmFkZAIKDw8WAh8BBSBwcmllenZpc2thIGEgbWVuYSBmeXppY2tlaiBvc29ieWRkAgwPDxYCHwEFFGFkcmVzeSBwcmV2w6Fkemthcm5lZGQCDg9kFg4CAQ8WAh4HVmlzaWJsZWgWCgIBDxYCHwAFE1Z5aMS+YWRhxaUgcG9kxL5hIDpkAgMPDxYCHwEFBEnEjE9kZAIFDw8WAh8BBRBvYmNob2Ruw6lobyBtZW5hZGQCBw8PFgIfAQUg
----------
So I assume an upgrade to 3.3.8 should do the trick since 3.1.20 wont
get a major update?? or it's another issue?
Eliezer
On 09/20/2013 09:27 AM, Mgr. Peter Tuharsky wrote:
> Thank You for Your reply. I have identified a name resolving issue so far.
>
> I'm not sure however, what should be in acl localhost src and acl
> localnet src.
>
> Peter
>
> Dňa 20.09.2013 05:09, Amos Jeffries wrote / napísal(a):
>> On 17/09/2013 6:24 p.m., Mgr. Peter Tuharsky wrote:
>>> .Via: */
>>> 0x31, 0x2e, 0x30, 0x20, 0x6c, 0x6f, 0x63, 0x61, /* 1.0 loca */
>>> 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x20, 0x28, 0x73, /* lhost
>>
>> Your Squid is for some reason identifying its *public* domain name as
>> "localhost".
>>
>> This has bitten a few people when their proxy tried to interact with a
>> second proxy (upstream or downstream) whch also identified its public
>> FQDN the same way.
>> What you need is to setup the machine the proxy is running on such that
>> hostname produces a resolvable FQDN, and that name has preferrably both
>> forward and reverse DNS (the latest Squid still check for rDNS but do
>> not break if it differs). Also any IP addresses used in the
>> http_port/https_port forward-proxy directive need to have rDNS pointing
>> at a publicly resolvable FQDN.
>>
>> Amos
Received on Mon Sep 23 2013 - 04:12:19 MDT
This archive was generated by hypermail 2.2.0 : Mon Sep 23 2013 - 12:00:05 MDT