lör 2007-01-20 klockan 01:11 -0200 skrev Michel Santos: > > Then post > > > > * iptables ruleset > > * http_port + cache_peer + visible_hostname settings of each Squid > > * cache.log output of ALL,1 (no extra debugging enabled) from each > > Squid. > > > it is FreeBSD and IPFW Then post your ipfw rules instead of iptables. > but it seems you have overseen some important things, I write it again Maybe, maybe not. > squid0 is the transparent proxy and it *IS* forwarding correctly because > the access denied is coming from squid1 or squid2 Then you probably either have an access control problem on squid1/2, or unique_hostname isn't set proper. Which one can be seen from the error and/or access.log. > for me it seems that there is something wrong in 2.6 that when it gets > xforwarded packets from clients from peer 127.0.0.1 it does not understand > it Are you using the x-forwarded-for stuff? Or what are you trying to say here? > because I tried with one instance on the local machine and another 2.6 > parent on another machine and it works as it should To Squid it's the exact same thing. > also please remember that this scenario works perfect with 2.5, I do not > change anything else but the squid version (and of course the different > transparent configs for 2.6 on squid0 instance) Maybe, maybe not. Squid-2.5 hides some configuration errors in peering relations by falling back on direct on error. This is not done by default in 2.6. > in order getting you the cache.logs I need to wait for an early hour on a > workday to set it up, actually - if interested - I can send you them from > the working 2.5 setup but please tell me what you need from them, the > startup? because else there is only this kind of stuff in what probably > does not help anything here: Only if there is any messages logged at the time you see the error about the request which errors. Other messages can be ignored. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
