On 12/11/10 17:30, Landy Landy wrote:
--- On Thu, 11/11/10, Amos Jeffries<squid3@xxxxxxxxxxxxx> wrote:
From: Amos Jeffries<squid3@xxxxxxxxxxxxx>
Subject: Re: Problems with hotmail and facebook
To: squid-users@xxxxxxxxxxxxxxx
Date: Thursday, November 11, 2010, 11:16 PM
On 12/11/10 16:22, Landy Landy
wrote:
--- On Thu, 11/11/10, Amos Jeffries wrote:
From: Amos Jeffries
On 12/11/10 15:11, Landy Landy
wrote:
Hello.
Our network is experiencing problems loading
or
accessing facebook and hotmail inbox and others
when I use
squid. I am using:
I use google's public dns and our local isp
provider's.
I tried to login to my hotmail account and got
this:
Squid Cache: Version 3.0.STABLE24
configure options:
'--prefix=/usr/local/squid'
'--sysconfdir=/etc/squid' '--enable-delay-pools'
'--enable-kill-parent-hack' '--disable-htcp'
'--enable-default-err-language=Spanish'
'--enable-linux-netfilter'
'--disable-ident-lookups'
'--localstatedir=/var/log/squid3.1'
'--enable-stacktraces'
'--with-default-user=proxy' '--with-large-files'
'--enable-icap-client' '--enable-async-io'
'--enable-storeio=aufs'
'--enable-removal-policies=heap,lru'
'--with-maxfd=32768'
When I try accessing these pages without
having to
pass through squid everything works fine.
Does anyone has an idea of what can be causing
this?
Could you give any details about what the problems
actually
are please?
Have you tried a more recent squid release?
Just installed version 3.1.9 and noticed this in the
cache.log file:
2010/11/11 23:19:45| IpIntercept.cc(137)
NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST)
failed on FD 117: (2) No such file or directory
<snip>
What does that mean?
It means you have a NAT failure receiving those requests.
Possibly that you are sending traffic directly to a NAT
http_port from
browsers configured to know about the proxy.
But, I'm running squid in transparent mode.
You are running Squid in NAT interception mode. That is what the old
"transparent" flag used to mean. These messages are generated when the
NAT system tables contain no information about the connected client machine.
It's not terribly critical, but shows that your proxy is open to a
couple of security problems from those machines.
Unlikely to be related to your connection problems.
PS: if the client calls started just after you moved to 3.1.9 you may
have hit http://bugs.squid-cache.org/show_bug.cgi?id=3099 as well.
Even if so I think that is not the problem you saw with 3.0 though.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.9
Beta testers wanted for 3.2.0.3