Hi, 2011/2/24 Amos Jeffries <squid3@xxxxxxxxxxxxx>: > > Please keep the replies on the mailing list for others to benefit from. > I charge for private assistance. Sorry I failed to send reply to all :-( > > On Wed, 23 Feb 2011 12:32:56 +0200, Ãmit Kablan wrote: >> >> >> 2011/2/22 Amos Jeffries : >>> >>> On Tue, 22 Feb 2011 17:24:39 +0200, Ãmit Kablan wrote: >>>> >>>> 2011/2/21 Amos Jeffries wrote: >>>>> >>>>> On Mon, 21 Feb 2011 16:19:53 +0200, Ãmit Kablan wrote: >>>>>> >>>>>> ------- >>>>>> GET >>>>>> >>>>>> >>>>>> >>>>>> /search?hl=tr&source=hp&biw=1276&bih=823&q=eee+ktu&aq=0&aqi=g10&aql=&oq=eee&fp=64d53dfd7a69225a&tch=3&ech=1Ï=6UBOTbHmCtah_Aa2haXRDw12969740590425&wrapid=tlif129697480915821&safe=active >>>>>> HTTP/1.1 >>>>> >>>>> Note the missing http://domain details in the URL. This is not a >>>>> browser->proxy HTTP request. It is a browsers->origin request. >>>>> >>>>> IIRC interception of this type of request does not work in Windows, >>>>> since >>>>> the kernel NAT details are not available without proprietary >>>>> third-party >>>>> network drivers. Look at WPAD configuration of the localnet browsers >>>>> instead, that way they will send browser->proxy requests nicely. >>>> >>>> Exactly! The working requests are all starting with http://domain/ as >>>> you mentioned. (I must say I couldn't capture loopback network packets >>>> ... >>> >>> Squid needs to be configured via the http_port to know what mode/type of >>> traffic it is going to receive. The browsers need to be sending the right >>> type as well. >> >> I have >> ----- >> http_port 3128 >> ----- >> in my configuration. Do I miss something? > > Yes. But you keep omitting the details of *how* browsers are getting to > squid, so we can't tell if you are attempting to run a transparent proxy or > a reverse proxy. Two very different configurations both in Squid and in the > network underneath. > > Please confirm your network layout and traffic flows including software > which is involved on each related machine. > My network has 20+ machines all connecting to internet individually through ONE adsl modem in my network (those are connected to each other with a switch). My browsers are configured to use the squid proxy explicitly (so I think it has nothing to to with transparency) > > You say this Squid is on Windows where interception type of transparent > proxy is not possible for free, but keep mentioning the public website > google as working. Actually I was trying to stress on the weird problem I encountered to help shed some light on the problem. > > I suspect you are trying to perform NAT interception on a separate box to > Squid. Which is highly dangerous. > I think NAT inspection you mentioned is not executed on the XP machine where squid is running, yes. But I am not sharing my internet connection through that windows machine. I just want clients (those browsers configured to use proxy) use the internal proxy. > >>> >>> There are a number of workaround, So we are at the question of what >>> exactly >>> are you trying to do with the traffic? what does your goal look like? >> >> I have a slow internet connection all machines connecting to internet >> individually so I simply want squid work correctly to make things >> faster. > > Details please. So far we know this: > > When failing > ÂClients traffic passes through gateway box __ which is running __ and does > __ to the connections, then __ and then __ and Squid sends an "invalid > request" message back. > > When working > ÂClients traffic passes through gateway box __ which is running __ and does > __ to the connections, then __ and then __ and Squid fetches the request > over a slow Internet link and sends it back. > > >> >> Browser doesnt send correct http://domain/xyz address to the proxy >> instead it sends GET /xyz and it does seem to be same on firefox, ie >> and chrome. The browser additionally send Host: www.xxx.com data with >> missing url info. What I thought of was telling squid concatenate >> these data: "http://"; "www.xyz.com" "/xyz" if possible. >> >> Everything works correctly at localhost and it seems strange to me. > > Localhost is very special. > >> >> When you enter google everything is fine, when you hit keys google >> gets completion successfully BUT when you hit enter the browser just >> sends /xyz unlike before. >> >> I am sending my configuration for Squid 2.7STABLE8 downloaded from >> http://squid.acmeconsulting.it/index.html. >> >>> >>> Amos Regards, -- Ãmit
