Removing $int_if from that line seems to have solved my problem... > -----Original Message----- > From: Davan Wong [mailto:davan@xxxxxxxxxxxxxxxxxxx] > Sent: January 25, 2008 10:46 AM > To: squid-users@xxxxxxxxxxxxxxx > Subject: RE: It stopped denying sites! > > I've narrowed it down.... > > It would appear that when I turned on the ipsec VPN, internet > traffic now seems to by bypassing the transparent squid... > > I've narrowed it down to this line, in pf.conf: > > set skip on { lo $int_if enc0 } # VPN > > With that line commented out, Squid works as it should, but > the VPN doesn't work. > > Ideas? > > Davan Wong > World Health Club > Information Technology Department > > > > > -----Original Message----- > > From: Davan Wong [mailto:davan@xxxxxxxxxxxxxxxxxxx] > > Sent: January 25, 2008 8:54 AM > > To: squid-users@xxxxxxxxxxxxxxx > > Subject: RE: It stopped denying sites! > > > > Resurrecting an old thread.... This box did it again. As > of January > > 15th, it stopped denying sites again. > > > > What I find really odd, I noticed this time around that it also > > stopped writing to access.log and store.log on that same date. > > > > Any ideas why this would be happening? Any info I can provide that > > would be of help? > > > > Davan Wong > > World Health Club > > Information Technology Department > > > > > > > > > -----Original Message----- > > > From: Davan Wong [mailto:davan@xxxxxxxxxxxxxxxxxxx] > > > Sent: January 2, 2008 4:08 PM > > > To: 'Chris Robertson'; squid-users@xxxxxxxxxxxxxxx > > > Subject: RE: It stopped denying sites! > > > > > > > Davan Wong wrote: > > > > > Hello group, > > > > > > > > > > Something odd occurred last week. I am running squid > > > > 2.6stable13 on > > > > > several openBSD 4.2 boxes ( I manage several remote > > > > locations ). My > > > > > current ACL rules deny everything except internal > > company sites. > > > > > Well, last week one of the boxes stopped denying sites. > > > > > > > > Obvious question: what changed? > > > > > > Absolutely nothing. Last time the box was touched was Nov > > 21st. It > > > stopped denying sites on Dec 18. > > > > > > > > > > > > So users are getting everything and anything they request. > > > > > Everything looks like it should still be working. I see no > > > > > problems in any of the log files. > > > > > > > > > > > > > Except the fact that requests are being responded to with a 200 > > > > instead of a 403... > > > > > > True... > > > > > > > > > > > > > > > > > Any ideas why this would happen? Are there any log file > > > > entries I can > > > > > post here that would be of some help? > > > > > > > > > > > > > Sadly the logs don't reveal what configuration file is > > > actually being > > > > used (is that a debug option?), so not much is going to > > be gleaned > > > > from the logs. You can see the current running > > > configuration (if you > > > > have specified a cachemgr_passwd), or might try explicitly > > > specifying > > > > the conf file to use when you start Squid (if you > aren't already). > > > > Otherwise, you can increase the debugging on ACL processing > > > ( as seen > > > > in the FAQ entry: > > > > http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-57ab8844e90 > > > 60937c4a654e1aa7568f87cb25aef) > > > > and see if that gives you any clues. > > > > > > I'll give that a try... > > > > > > What I've done is stop squid, rotate the log files, then > > restart it. > > > It seems to be working as I expect it to now... > > > > > > Thanks! > > > > > > > > > > > > > > > > > TIA! :) > > > > > > > > > > > > > > > Davan Wong > > > > > World Health Club > > > > > Information Technology Department > > > > > > > > > > > > > Chris > > > > > > > > > >
