Search squid archive

Re: IpIntercept.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed on FD 4125: (2) No such file or directory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



First of all thanks for professional comments about configs . i was looking
for that 


Amos Jeffries-2 wrote
> Possibly the URL-rewriter. Depending on whether it is rewriting URLs to 
> point anywhere back at this proxy.

my jesred.rules contains

regexi	^http://(.+\.||)server.cn/.*		
302:http://www.netshahr.com/website-unavailable/
regexi	^http://cpe.management/.*			
302:http://www.netshahr.com/website-unavailable/
regexi	^http://wpad.domain.name/.*			
302:http://www.netshahr.com/website-unavailable/
regexi	^http://isatap.home/.*			
302:http://www.netshahr.com/website-unavailable/
regexi	^http://(.+\.||)scorecardresearch.com/.*	
302:http://www.netshahr.com/website-unavailable/



Amos Jeffries-2 wrote
> Also, Squid serves some content directly. Such as embeded objects in
> error pages, icons on FTP listing pages, cachemgr reports, cache peer
> communications. These require a regular forward-proxy http_port without
> intercept/tproxy options. Requests for these are being rejected by your
> config (to_mysef ACL) but will also get these NAT failures first. 

But these rules existed before and that problem did not occur . BTW i
commented those 2 lines to see what happens


Amos Jeffries-2 wrote
> What version of Squid are you using? 3.2 and later will silence the
> above problem most of the time but it is still corrupting your logs.

Sorry forgot to say .
Ubuntu Linux 12.10 x86_64  squid 3.1.20-1ubuntu1.1  . packages are default
ubuntu packages .


Amos Jeffries-2 wrote
> Please run "squid -k parse" over this config and fix anything it
> highlights. 

Highlights ?! you mean Warnings ? only following warnings appears after your
comments done . a bit explain please .

2013/10/11 13:46:12| WARNING: use of 'ignore-reload' in 'refresh_pattern'
violates HTTP
2013/10/11 13:46:12| WARNING: use of 'ignore-no-cache' in 'refresh_pattern'
violates HTTP
2013/10/11 13:46:12| WARNING: use of 'ignore-no-store' in 'refresh_pattern'
violates HTTP
2013/10/11 13:46:12| WARNING: use of 'ignore-private' in 'refresh_pattern'
violates HTTP
2013/10/11 13:46:12| WARNING: HTTP requires the use of Via


Amos Jeffries-2 wrote
> So what is the objection to via?
> 
>   Note that the special access controls you have to use to avoid the
> probems removing it is causing will not prevent relay loops which happen
> as 2-hop loops via the peer and will break the URLs being served up
> directly by this proxy. 

Tried to hide the proxy as possible . you suggest turn it on ?




--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/IpIntercept-cc-137-NetfilterInterception-NF-getsockopt-SO-ORIGINAL-DST-failed-on-FD-4125-2-No-such-fy-tp4662558p4662578.html
Sent from the Squid - Users mailing list archive at Nabble.com.




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux