yegle wrote:
Hi list,
I'm trying to set up a squid server as transparent proxy,however I
found some errors when handling 302 redirect pages.
Here's my configure file:
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
icp_access allow localnet
icp_access deny all
htcp_access allow localnet
htcp_access deny all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
cache_mem 512 MB
maximum_object_size_in_memory 512 KB
cache_dir ufs /var/cache/squid 10240 16 256
minimum_object_size 0 KB
maximum_object_size 40960 KB
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname none
icp_port 3130
forwarded_for off
coredump_dir /var/cache/squid
Test url:
http://evernote.com
Normal interaction:
$ curl -v evernote.com
* About to connect() to evernote.com port 80 (#0)
* Trying 205.234.25.136... connected
* Connected to evernote.com (205.234.25.136) port 80 (#0)
GET / HTTP/1.1
User-Agent: curl/7.20.0 (x86_64-pc-linux-gnu) libcurl/7.20.0 GnuTLS/2.8.5 zlib/1.2.3
Host: evernote.com
Accept: */*
< HTTP/1.1 302 Object Moved
< Location: http://www.evernote.com/
* Connection #0 to host evernote.com left intact
* Closing connection #0
Unnormal interaction with squid transparent proxy:
$ curl -v evernote.com
* About to connect() to evernote.com port 80 (#0)
* Trying 205.234.25.136... connected
* Connected to evernote.com (205.234.25.136) port 80 (#0)
GET / HTTP/1.1
User-Agent: curl/7.20.0 (x86_64-pc-linux-gnu) libcurl/7.20.0 GnuTLS/2.8.5 zlib/1.2.3
Host: evernote.com
Accept: */*
* HTTP 1.0, assume close after body
< HTTP/1.0 502 Bad Gateway
< Server: squid/3.0.STABLE19
< Mime-Version: 1.0
< Date: Sun, 14 Mar 2010 08:10:06 GMT
< Content-Type: text/html
< Content-Length: 1687
< X-Squid-Error: ERR_INVALID_RESP 0
< X-Cache: MISS from none
< X-Cache-Lookup: MISS from none:3128
< Via: 1.0 none (squid/3.0.STABLE19)
< Proxy-Connection: close
Messages from access.log:
1268555151.842 137 XX.XX.XX.XX TCP_MISS/502 2562 GET
http://evernote.com/favicon.ico - DIRECT/205.234.25.136 text/html
Can anyone give me a hint, how to avoid this? Thank you!
There is something wrong with the reply being sent back to Squid from
the server. Look in your squid cache.log to see what is wrong with that
reply.
You may need to configure "debug_options 58,6 " to see what Squid is
getting.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25
Current Beta Squid 3.1.0.18
