Search squid archive

Re: The server closed the connection without sending any data.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 30/07/11 09:49, Ragheb Rustom wrote:
Hi Andrei,

I think http_port should says the following as it is written in
documentation that "transparent" use is being deprecated.

So for transparent proxying this line should be as follows:

http_port 3128 intercept

As well you need to do some iptables configuration as just programming squid
as being transparent by itself does not throw http traffic from clients
transparently to squid.

Please send your iptables configuration if possible to have a look.

Sincerely,

Ragheb Rustom
Smart Telecom S.A.R.L

-----Original Message-----
From: Andrei [mailto:funactivities@xxxxxxxxx]
Sent: Friday, July 29, 2011 11:22 PM
To: squid-users@xxxxxxxxxxxxxxx
Subject:  The server closed the connection without sending any
data.

If proxy info is entered manually in the browser, caching works OK. If
LAN clients are sent transparently to the proxy, an error message in
Google Chrome:
Error 324 The server closed the connection without sending any data.
Mozilla Firefox displays a blank page.
Strangely enough I don't see anything in the squid access.log when LAN
clients are forced by the router to transparent cache...

I'm running:
Squid Cache: Version 3.1.6
Debian stable 6.0.2.1
DualXeon 3GhZ, 250GB SCSI, 4GB RAM

Config file:

acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 172.16.0.0/21  # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

request_header_max_size 15824 KB
request_body_max_size 15824 KB
reply_header_max_size 15824 KB
reply_body_max_size 15824 KB

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access allow all
icp_access allow all

drop icp_access - feature is disabled.

htcp_access allow all

drop htcp_access - feature is disabled.

http_port 3128 transparent
hierarchy_stoplist cgi-bin ?

drop this hierarchy_stoplist

cache_mem 1024 MB
cache_dir ufs /var/spool/squid3 40960 16 256
coredump_dir /var/spool/squid3
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       40%     40320
icp_port 0

remove icp_port - that is default.

refresh_pattern -i \.index.(html|htm)$ 0 40% 10080
refresh_pattern -i \.(html|htm|css|js)$ 1440 40% 40320
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200
override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200
90% 432000 override-expire ignore-no-cache ignore-no-store
ignore-private
refresh_pattern -i
\.(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff)$ 10080 90% 43200
override-expire ignore-no-cache ignore-no-store ignore-private


Remove all these unusable refresh_pattens to simplify the config.

Or move them about the default "." pattern so they start to actually work.

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE9 or 3.1.14
  Beta testers wanted for 3.2.0.10


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux