On 20/05/11 00:24, Boniforti Flavio wrote:
Hello everybody. I ran out of space on my squid log directory because cache.log grew very fast filled by "forward loop detected" messages. I'm using my squid as a transparent proxy. What does that forward loop mean
Your squid is sending requests out which subsequently arrive back to it.
and how could it happen? I've noticed
Most likely your NAT rules are broken. Packets leaving Squid MUST NOT be sent back to Squids listening port.
Or maybe the requests are for a domain which is pointing at your Squid with its IPs.
that the originating IP was from a PC I had in my LAN which was infected with some sort of mal-/spy-ware...
Or some attempted attack which is being short-circuited by setting the attackers domain to point at 0.0.0.0 or 127.0.0.1. In which case "http_access deny to_localhost" with the default definition of to_localhost should block it before looping.
Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.12 Beta testers wanted for 3.2.0.7 and 3.1.12.1
