[squid-users] Intercept @ Squid-3.4.6

From: Roberto O. Fernández Crisial <roberto.fernandezcrisial_at_gmail.com>
Date: Wed, 23 Jul 2014 16:54:14 -0300

Hi guys,

I hope you're doing fine. I'm trying to intercept HTTP requests on
Squid 3.4.6 but I'm going crazy. Is there any http_port parameter
change between 3.1.10 and 3.4.6?

I have 3.1.10 working fine, here are the examples:

IPTABLES CONFIGURATION (Global config)
-A PREROUTING -s 10.1.0.0/16 -p tcp -m tcp --dport 80 -j DNAT
--to-destination SQUIDIP:3129

With Squid 3.1.10

SQUID CONF
http_port 3128 transparent
http_port 3129 intercept

START SQUID 3.1.10
2014/07/23 16:06:38| Accepting intercepted HTTP connections at
0.0.0.0:3128, FD 12.
2014/07/23 16:06:38| Accepting intercepted HTTP connections at
0.0.0.0:3129, FD 13.

CURL
curl http://www.ciudad.com.ar -x http://SQUIDIP:80

STRACE
accept(13, {sa_family=AF_INET, sin_port=htons(34330),
sin_addr=inet_addr("10.1.100.158")}, [16]) = 9
getsockname(9, {sa_family=AF_INET, sin_port=htons(3129),
sin_addr=inet_addr("SQUIDIP")}, [16]) = 0
connect(15, {sa_family=AF_INET6, sin6_port=htons(80),
inet_pton(AF_INET6, "::ffff:200.42.143.77", &sin6_addr),
sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 EINPROGRESS (Operation now
in progress)

STOP SQUID 3.1.10

Now with Squid 3.4.6

SQUID CONF
http_port 3128
http_port 3129 intercept

START SQUID 3.4.6
2014/07/23 16:06:05| Accepting HTTP Socket connections at
local=[::]:3128 remote=[::] FD 19 flags=9
2014/07/23 16:06:05| Accepting NAT intercepted HTTP Socket connections
at local=[::]:3129 remote=[::] FD 20 flags=41

CURL
curl http://www.ciudad.com.ar -x http://SQUIDIP:80

STRACE
accept(20, {sa_family=AF_INET6, sin6_port=htons(34428),
inet_pton(AF_INET6, "::ffff:10.1.100.158", &sin6_addr),
sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 8
getsockname(8, {sa_family=AF_INET6, sin6_port=htons(3129),
inet_pton(AF_INET6, "::ffff:SQUIDIP", &sin6_addr), sin6_flowinfo=0,
sin6_scope_id=0}, [28]) = 0
connect(10, {sa_family=AF_INET, sin_port=htons(80),
sin_addr=inet_addr("SQUIDIP")}, 16) = -1 EINPROGRESS (Operation now in
progress)

STOP SQUID 3.4.6

I see in Squid 3.4.6 the squid process tries to conect to itself on
port 80. With Squid 3.1.10 works fine (connets to reomte server). Any
ideas?

Thank you all in advance.

Best,
Received on Wed Jul 23 2014 - 19:54:24 MDT

This archive was generated by hypermail 2.2.0 : Thu Jul 24 2014 - 12:00:05 MDT