in /var/log/squid/cache.log i find: "kid1| WARNING: Forwarding loop detected
for:"
help me out guys =(
Дмитрий Шиленко писал 12.06.2014 16:56:
> you guessed it right)))))))
> i try use 192.168.0.97 instead of 127.0.0.1 - the same problem: Access
> Denied =(
>
>
> Antony Stone писал 12.06.2014 16:16:
>> On Thursday 12 June 2014 at 14:59:24, Дмитрий Шиленко wrote:
>>
>>> my network 192.168.0.0/24
>>
>> I was looking for rather more detail than that :)
>>
>> Let me guess - do I have the following correct?
>>
>> You have a single network range 192.168.0.0/24.
>>
>> All clients, plus the Squid proxy, are on that network.
>>
>> The Squid proxy has two interfaces.
>>
>> Its internal interface has address 192.168.0.97
>>
>> It has an external interface connected to, and able to reach, the Internet.
>>
>> There is no other router of firewall on your network.
>>
>> The default gateway address for all the clients is 192.168.0.97
>>
>> Tell us whether the above is correct or not.
>>
>>> requests getting transparently sent to the proxy via rule in "ipnat" ->
>>> rdr
>>> bge0 0.0.0.0/0 port 80 -> 127.0.0.1 port 3129
>>> to switch in transparent mode i add "http_port 127.0.0.1:3129" string in
>>> squid.conf
>>
>> Try using the address of the interface (which I believe to be 192.168.0.97)
>> instead of 127.0.0.1.
>>
>>> Antony Stone писал 12.06.2014 15:52:
>>> > On Thursday 12 June 2014 at 14:43:33, Дмитрий Шиленко wrote:
>>> >> When I switch squid transparent proxy mode - it blocks access to all
>>> >> sites:
>>> >>
>>> >> "When you receive a URL http://putty.org/ following error occurred
>>> >> Access denied.
>>> >> Access control system does not allow to fulfill your request now.
>>> >> Contact your administrator.
>>> >> Your cache administrator: webmaster. "
>>> >>
>>> >> switch to normal mode - everything works fine.
>>> >
>>> > What's your networking setup? How are the requests getting transparently
>>> > sent
>>> > to the proxy?
>>> >
>>> > What are you doing to switch between normal and transparent mode:
>>> > - on the proxy server
>>> > - on any firewall / router
>>> > - on the client/s
>>> > - anywhere else
>>> >
>>> >> SQUID 3,3,11
>>> >> config here:
>>> >> acl localnet src 192.168.0.0/24 # RFC1918 possible internal network
>>> >> #
>>> >> acl SSL_ports port 443
>>> >> acl Safe_ports port 80 # http
>>> >> acl Safe_ports port 21 # ftp
>>> >> acl Safe_ports port 443 # https
>>> >> acl Safe_ports port 70 # gopher
>>> >> acl Safe_ports port 210 # wais
>>> >> acl Safe_ports port 1025-65535 # unregistered ports
>>> >> acl Safe_ports port 280 # http-mgmt
>>> >> acl Safe_ports port 488 # gss-http
>>> >> acl Safe_ports port 591 # filemaker
>>> >> acl Safe_ports port 777 # multiling http
>>> >> acl CONNECT method CONNECT
>>> >>
>>> >> acl AdminsIP src "/usr/local/etc/squid/AccessLists/AdminsIP.txt"
>>> >> acl RestrictedDomains dstdomain
>>> >> "/usr/local/etc/squid/AccessLists/RestrictedDomains.txt"
>>> >> acl ad_group_rassh urlpath_regex -i
>>> >> "/usr/local/etc/squid/AccessLists/rasshirenie.txt"
>>> >>
>>> >> http_access allow localhost
>>> >> http_access deny !Safe_ports
>>> >> # Deny CONNECT to other than SSL ports
>>> >> http_access deny CONNECT !SSL_ports
>>> >>
>>> >> http_access allow localhost
>>> >> http_access allow AdminsIP
>>> >> http_access deny RestrictedDomains
>>> >> http_access deny ad_group_rassh
>>> >> http_access allow localnet
>>> >> http_access deny all
>>> >> icp_access allow localnet
>>> >> icp_access deny all
>>> >> htcp_access allow localnet
>>> >> htcp_access deny all
>>> >>
>>> >> http_port 192.168.0.97:3128
>>> >> http_port 127.0.0.1:3129 intercept
>>> >> cache deny all
>>> >> access_log /var/log/squid/access.log squid
>>> >>
>>> >> In access.log i fand "TCP_MISS"
>>> >
>>> > Regards,
>>> >
>>> >
>>> > Antony.
-- С ув. Шиленко Дмитрий Системный инженер global-it.com.ua моб. (063)142-32-59 офис 221-55-72Received on Thu Jun 12 2014 - 14:26:28 MDT
This archive was generated by hypermail 2.2.0 : Thu Jun 12 2014 - 12:00:05 MDT