Re: [squid-users] Re: access denied

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 05 Jul 2014 00:50:15 +1200

On 2014-07-04 16:56, winetbox wrote:
> ok, it's done. it works now on 1 eth.
> all i did:
>
> on squid:
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
> --to-port 3129
>
> on mikrotik:
> remove all redirect NAT, create a route to squid machine as internet
> gateway, create a mangle where src-nat from clients dst-port=80, are
> all
> routed to proxy gateway.
>
>
> i have another problem though, i do:
> # tail -f /var/log/squid3/access.log | grep TCP_HIT
>
> and if i:
> # tail -f /var/log/squid3/access.log
>
>
> i see everything is TCP_MISS, for example:
> 1404449047.279 2035 192.168.14.3 TCP_MISS/200 327 POST
> http://makasar.speedtest.telkom.net.id/speedtest/upload.php? -
> HIER_DIRECT/118.98.104.242 text/html
> 1404449049.441 4211 192.168.14.3 TCP_MISS/200 327 POST
> http://makasar.speedtest.telkom.net.id/speedtest/upload.php? -
> HIER_DIRECT/118.98.104.242 text/html
> 1404449052.162 2630 192.168.14.3 TCP_MISS/200 327 POST
> http://makasar.speedtest.telkom.net.id/speedtest/upload.php? -
> HIER_DIRECT/118.98.104.242 text/html
> 1404449052.966 3419 192.168.14.3 TCP_MISS/200 327 POST
> http://makasar.speedtest.telkom.net.id/speedtest/upload.php? -
> HIER_DIRECT/118.98.104.242 text/html
>
>
> something i missed? if if i don't wrongly recall, my last squid(squid
> 2.9)
> access.log, don't have HIER_DIRECT, it is just DIRECT.

Means the same thing. "HIER_" is a cosmetic bug, should be fixed in
current releases.

Amos
Received on Fri Jul 04 2014 - 12:50:23 MDT

This archive was generated by hypermail 2.2.0 : Fri Jul 04 2014 - 12:00:05 MDT