Le lundi 28 novembre 2011 à 12:05 +1300, Amos Jeffries a écrit : > On Sun, 27 Nov 2011 23:36:23 +0100, David Touzeau wrote: > > Dear > > > > I have this squid version : > > > > Squid Cache: Version 3.2.0.13-20111125-r11436 > > configure options: '--prefix=/usr' '--includedir=/include' > > '--mandir=/share/man' '--infodir=/share/info' '--localstatedir=/var' > > '--libexecdir=/lib/squid3' '--disable-maintainer-mode' > > '--disable-dependency-tracking' '--srcdir=.' > > '--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3' > > '--enable-gnuregex' '--enable-forward-log' > > '--enable-removal-policy=heap' '--enable-follow-x-forwarded-for' > > '--enable-http-violations' '--enable-large-cache-files' > > '--enable-removal-policies=lru,heap' '--enable-err-languages=English' > > '--enable-default-err-language=English' '--with-maxfd=32000' > > '--with-large-files' '--disable-dlmalloc' '--with-pthreads' > > '--enable-esi' '--enable-storeio=aufs,diskd,ufs,rock' > > '--with-aufs-threads=10' '--with-maxfd=16384' > > '--enable-x-accelerator-vary' '--with-dl' '--enable-truncate' > > '--enable-linux-netfilter' '--with-filedescriptors=16384' > > '--enable-wccpv2' '--enable-eui' '--enable-auth' > > '--enable-auth-basic' > > '--enable-auth-digest' '--enable-auth-negotiate-helpers' > > '--enable-log-daemon-helpers' '--enable-url-rewrite-helpers' > > '--enable-auth-ntlm' '--with-default-user=squid' > > '--enable-icap-client' > > '--enable-cache-digests' '--enable-icap-support' '--enable-poll' > > '--enable-epoll' '--enable-async-io' '--enable-delay-pools' > > 'CFLAGS=-DNUMTHREADS=60 -O3 -pipe -fomit-frame-pointer -funroll-loops > > -ffast-math -fno-exceptions' > > > > I cannot browse trough Internet and receive many errors in syslog : > > > > Nov 27 23:32:57 gibrat squid[15355]: SECURITY ALERT: By user agent: > > Opera/9.80 (X11; Linux i686; U; fr) Presto/2.9.168 Version/11.52 > > Nov 27 23:32:57 gibrat squid[15355]: SECURITY ALERT: on URL: > > http://192.168.1.1:49152/rootDesc.xml > > Nov 27 23:32:59 gibrat squid[15355]: SECURITY ALERT: By user agent: > > Opera/9.80 (X11; Linux i686; U; fr) Presto/2.9.168 Version/11.52 > > Nov 27 23:32:59 gibrat squid[15355]: SECURITY ALERT: on URL: > > http://clients1.google.com/complete/search?q=no-ip&client=opera&hl=fr > > > > Is it normal ?? > > These are the 2nd and 3rd lines of a "Host: header forgery" alert. The > first line explains what is being detected as wrong, these are the > supporting data to help track it down. > > Having just read your config details in the other thread, I expect this > is caused by a combination of your incomplete iptables NAT intercept > rules, and testing by configuring the browser to use the proxy NAT port > directly. That type of setup is dangerous and can expect this rejection > in 3.2. > > Amos > Amos, I would like to thank you about your technical answers and your huge squid technical skills. Your answers resolve my issue easly !! I'm your fan !
