Search squid archive

squid 3.0 transparent problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

greetings
i'm setting up a new squid box running 3.0 stable 16 in transparent mode.
the problem is, no call ever gets to squid, unless I configure the client to look at " squidip " port 3128. Browser fails to connect. If I tell the system to use proxy at squidip 3128, it works fine.
I have made the new transparent changes to my config. and I have redirected destined for port 80 to squid. 
here is my simplified config.

#l

acl manager proto cache_object
acl localhost src 127.0.0.1/32

acl localnet src 192.168.1.100 255.255.255.255
#
http_access allow manager localhost
http_access deny manager
http_access allow localnet

# And finally deny all other access to this proxy
http_access allow all

# NETWORK OPTIONS
# ----------------------------------------------------------------------------- 

#http_port 3128
http_port 10.0.2.3:3128 transparent

#Default:
# cache_mem 8 MB
cache_mem 128 MB

#Default:
# maximum_object_size_in_memory 8 KB
maximum_object_size_in_memory 80 KB

ipcache_size 1024
cache_dir ufs /usr/local/squid/var/cache 2048 16 256
maximum_object_size 40 MB

access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log

#Suggested default:
refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern (cgi-bin|\?)	0	0%	0
refresh_pattern .		0	20%	4320

cache_effective_user squid
cache_effective_group wheel
visible_hostname hook2

-----
#ipfw redirect
here you can see the redirect going to the port from the client
hook2:~ root# ipfw show
00001   0      0 allow udp from any 626 to any dst-port 626
00500 0 0 fwd 127.0.0.1,3128 tcp from 10.135.1.100 to any dst- port 80 in recv en1 
65535 559 359882 allow ip from any to any
hook2:~ root# ipfw show
00001    0       0 allow udp from any 626 to any dst-port 626
00500 1 64 fwd 127.0.0.1,3128 tcp from 192.168.1.100 to any dst-port 80 in recv en1 
65535 3530 2143506 allow ip from any to any

the client is OSX 10.5.6 leopard. browser cannot connect.
any ideas ? my previous setup used these transparent options,
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on



tia
-jeff
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux