I've narrowed it down....
It would appear that when I turned on the ipsec VPN, internet traffic now
seems to by bypassing the transparent squid...
I've narrowed it down to this line, in pf.conf:
set skip on { lo $int_if enc0 } # VPN
With that line commented out, Squid works as it should, but the VPN doesn't
work.
Ideas?
Davan Wong
World Health Club
Information Technology Department
> -----Original Message-----
> From: Davan Wong [mailto:davan@xxxxxxxxxxxxxxxxxxx]
> Sent: January 25, 2008 8:54 AM
> To: squid-users@xxxxxxxxxxxxxxx
> Subject: RE: It stopped denying sites!
>
> Resurrecting an old thread.... This box did it again. As of
> January 15th, it stopped denying sites again.
>
> What I find really odd, I noticed this time around that it
> also stopped writing to access.log and store.log on that same date.
>
> Any ideas why this would be happening? Any info I can
> provide that would be of help?
>
> Davan Wong
> World Health Club
> Information Technology Department
>
>
>
> > -----Original Message-----
> > From: Davan Wong [mailto:davan@xxxxxxxxxxxxxxxxxxx]
> > Sent: January 2, 2008 4:08 PM
> > To: 'Chris Robertson'; squid-users@xxxxxxxxxxxxxxx
> > Subject: RE: It stopped denying sites!
> >
> > > Davan Wong wrote:
> > > > Hello group,
> > > >
> > > > Something odd occurred last week. I am running squid
> > > 2.6stable13 on
> > > > several openBSD 4.2 boxes ( I manage several remote
> > > locations ). My
> > > > current ACL rules deny everything except internal
> company sites.
> > > > Well, last week one of the boxes stopped denying sites.
> > >
> > > Obvious question: what changed?
> >
> > Absolutely nothing. Last time the box was touched was Nov
> 21st. It
> > stopped denying sites on Dec 18.
> >
> > >
> > > > So users are getting everything and anything they request.
> > > > Everything looks like it should still be working. I see no
> > > > problems in any of the log files.
> > > >
> > >
> > > Except the fact that requests are being responded to with a 200
> > > instead of a 403...
> >
> > True...
> >
> > >
> > > >
> > > > Any ideas why this would happen? Are there any log file
> > > entries I can
> > > > post here that would be of some help?
> > > >
> > >
> > > Sadly the logs don't reveal what configuration file is
> > actually being
> > > used (is that a debug option?), so not much is going to
> be gleaned
> > > from the logs. You can see the current running
> > configuration (if you
> > > have specified a cachemgr_passwd), or might try explicitly
> > specifying
> > > the conf file to use when you start Squid (if you aren't already).
> > > Otherwise, you can increase the debugging on ACL processing
> > ( as seen
> > > in the FAQ entry:
> > > http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-57ab8844e90
> > 60937c4a654e1aa7568f87cb25aef)
> > > and see if that gives you any clues.
> >
> > I'll give that a try...
> >
> > What I've done is stop squid, rotate the log files, then
> restart it.
> > It seems to be working as I expect it to now...
> >
> > Thanks!
> >
> > >
> > > >
> > > > TIA! :)
> > > >
> > > >
> > > > Davan Wong
> > > > World Health Club
> > > > Information Technology Department
> > > >
> > >
> > > Chris
> > >
> >
>
