On 6/1/05, Henrik Nordstrom <hno@xxxxxxxxxxxxxxx> wrote: > On Wed, 1 Jun 2005, Henry wrote: > > > While trying to process the request: > > > > GET / HTTP/1.1 > > Accept: */* > > Accept-Language: en > > Accept-Encoding: gzip, deflate > > User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/412 > > (KHTML, like Gecko) Safari/412 > > Connection: keep-alive > > Host: www.mac.com > > Your squid.conf is not configured properly for interception. See FAQ. > > Regards > Henrik > I tried to test this on my second server but the guys in my network allready have plans for it. I wanted to test OpenBSD with pf (route-to) on the Gateway and FreeBSD wiht pf (rdr) on squid server. *** On Squidserver <pf.conf> rdr on $int_if inet proto tcp from any to any port www -> 127.0.0.1 port 3128 pass in on $int_if inet proto tcp from any to 127.0.0.1 port 3128 keep state pass out on $ext_if inet proto tcp from any to any port www keep state <pf.conf> <squid.conf> http_port 127.0.0.1:3128 httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on <squid.conf> # chgrp _squid /dev/pf # chmod g+rw /dev/pf *** On Gateway <pf.conf> int_if = "internal interface" squid_if = "interface with route/direct connection to squid" squid_ip = "ip of Squidserver" my_lan = "client IPs" pass in on $int_if route-to ($squid_if $squid_ip) proto tcp from $my_lan to any port www keep state <pf.conf> I can get a test server to check this but not before the weekend. There is so much I want to test. Do we need to route www from FreeBSD/Squid back to OpenBSD? Does the Squidserver need two ethernet interfaces or an alias and to act as a router? And I was hoping to test squid with tcp_outgoing_address and nat rules. Good luck Henry and wish me luck. -- Kind regards Abu Khaled
