On Dec 31, 2011, at 4:00 PM, jeffrey j donovan wrote: > greetings, Im stuck and im not sure what part I should re-do. > > I have an xserve running 10.6.8 > > I have clients routing through the system just fine with ipfw. they can access the internet via a NAT on the otherside of the squid. > > compiled squid 3.1.18 > Squid Cache: Version 3.1.18 > configure options: '--enable-icmp' '--enable-delay-pools' '--disable-htcp' '--enable-ipfw-transparent' '--enable-snmp' '--enable-underscores' '--enable-basic-auth-helpers=NCSA,LDAP' --with-squid=/usr/local/squid-3.1.18 --enable-ltdl-convenience > > squid starts > > > squid3:sbin root# ./squid -d1X > squid3:sbin root# 2011/12/31 15:44:18| Starting Squid Cache version 3.1.18 for i686-apple-darwin10.8.0... > snip > I can see the packets being fwd' to squid > > 00500 5 240 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 > 00500 111 6448 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 > 00500 117 6832 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 > 00500 122 7088 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 > > > nothing shows up in my access.log, squid never gets the hit. > > So,.. I think it's compiled correctly, but im not sure if I should re-compile this version or try another. Or maybe try with other options. > Anyone know any fancy lsof or greps i can use to find out whats happening ? > > any suggestions ? - this same setup worked under 3.1.11 with osx 10.5 > > -j okay I got squid to take a hit. The system is not operating in intercept mode. I just connected to it with my client. I had to specify the proxy settings in the system or browser. it appears it is not working in intercept mode. here is my relevant squid.conf http_port 10.10.60.55:3128 intercept result when squid starts; 2011/12/31 15:44:18| Accepting intercepted HTTP connections at 10.10.60.55:3128, FD 13. here is a question. -- Whats the best version of squid, If I only want the intercept and redirect feature. 2.7 or 3.1.x? on my traditional cache proxy systems, 3.1.+ is the way to go, but intercept does not require (in my case) cache and authentication. Is 3.1.18 where I should stay is what im asking. -j