Re: [squid-users] problem whith squid 3.3.1 in transparent mode

From: Amos Jeffries <>
Date: Fri, 13 Jun 2014 08:31:52 +1200

On 13/06/2014 2:30 a.m., Antony Stone wrote:
> On Thursday 12 June 2014 at 16:26:19, Дмитрий Шиленко wrote:
>> in /var/log/squid/cache.log i find: "kid1| WARNING: Forwarding loop
>> detected for:"
> That was probably due to my suggestion of redirecting to instead
> of
> You may as well put that back to what it was, and at least get rid of the new
> problem :)

You are probably right that that is because of the IP change in the
rules. But actually in a good way.

locahost and its IP are a bit special in many ways. One of
those ways is that NAT is not capable of setting the localhost address
on a global scope packet, or a global IP on a lo interface packet.

I've seen NAT fail silently when NATing to/from incorrectly.
The forwarding loop error message means the traffic has successfully
entered and *exited* Squid at least once.

>> help me out guys =(
> Has anyone else got more experience than me of transparent interception, and
> can see what might be the problem here?

I believe the NAT rule needs two changes:
 1) use in place of the as earlier suggested.
 2) prevent traffic *from* being NATed - it is Squid's
outbound traffic.

Received on Thu Jun 12 2014 - 20:32:13 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 13 2014 - 12:00:06 MDT