I fixed the problem by running squid from none root user. :) hk- wrote: > > I have configured squid to run on a single computer like a transparent > proxy. > I used this mail from the archive as a install guide. > http://www.mail-archive.com/squid-users@xxxxxxxxxxxxxxx/msg48149.html > > Adding this as a iptables rule > iptables -t nat -A OUTPUT -o eth0 -p tcp --dport 80 -m owner --uid-owner > root -j ACCEPT > iptables -t nat -A OUTPUT -o eth0 -p tcp --dport 80 -j REDIRECT --to-port > 3128 > > And using this as my config > http_port 3128 transparent > hierarchy_stoplist cgi-bin ? > acl QUERY urlpath_regex cgi-bin \? > cache deny QUERY > acl apache rep_header Server ^Apache > broken_vary_encoding allow apache > access_log /usr/local/squid/var/logs/access.log squid > hosts_file /etc/hosts > refresh_pattern ^ftp: 1440 20% 10080 > refresh_pattern ^gopher: 1440 0% 1440 > refresh_pattern . 0 20% 4320 > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > acl to_localhost dst 127.0.0.0/8 > acl SSL_ports port 443 # https > acl SSL_ports port 563 # snews > acl SSL_ports port 873 # rsync > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl Safe_ports port 631 # cups > acl Safe_ports port 873 # rsync > acl Safe_ports port 901 # SWAT > acl purge method PURGE > acl CONNECT method CONNECT > http_access allow manager localhost > http_access deny manager > http_access allow purge localhost > http_access deny purge > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access allow localhost > acl ME src 10.0.0.5 > http_access allow ME > http_access deny all > http_reply_access allow all > icp_access allow all > coredump_dir /usr/local/squid/var/cache > > Squid Cache: Version 2.6.STABLE14 > configure options: '--prefix=/usr/local/squid' '--enable-linux-netfilter' > > > But when i use lynx I get this output in the browser > > This request could not be forwarded to the origin server or to any > parent caches. The most likely cause for this error is that: > * The cache administrator does not allow this cache to make direct > connections to origin servers, and > * All configured parent caches are currently unreachable. > > and this in my cache.log > > > 2007/09/21 14:00:24| WARNING: Forwarding loop detected for: > Client: 10.0.0.5 http_port: 127.0.0.1:3128 > GET http://www.nytimes.com/ HTTP/1.0 > Host: www.nytimes.com > Accept: text/html, text/plain, text/css, text/sgml, */*;q=0.01 > Accept-Encoding: gzip, bzip2 > Accept-Language: en > User-Agent: Lynx/2.8.6rel.4 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.8d > Via: 1.0 linux.niap.no:3128 (squid/2.6.STABLE14), 1.0 linux.niap.no:3128 > (squid/2.6.STABLE14) > X-Forwarded-For: 10.0.0.5, 10.0.0.5 > Cache-Control: max-age=259200 > Connection: keep-alive > > -- View this message in context: http://www.nabble.com/Problem-with-squid-2.6-on-a-single-computer-as-a-transparent-proxy-tf4495099.html#a12819841 Sent from the Squid - Users mailing list archive at Nabble.com.
