First of all thanks for professional comments about configs . i was looking for that Amos Jeffries-2 wrote > Possibly the URL-rewriter. Depending on whether it is rewriting URLs to > point anywhere back at this proxy. my jesred.rules contains regexi ^http://(.+\.||)server.cn/.* 302:http://www.netshahr.com/website-unavailable/ regexi ^http://cpe.management/.* 302:http://www.netshahr.com/website-unavailable/ regexi ^http://wpad.domain.name/.* 302:http://www.netshahr.com/website-unavailable/ regexi ^http://isatap.home/.* 302:http://www.netshahr.com/website-unavailable/ regexi ^http://(.+\.||)scorecardresearch.com/.* 302:http://www.netshahr.com/website-unavailable/ Amos Jeffries-2 wrote > Also, Squid serves some content directly. Such as embeded objects in > error pages, icons on FTP listing pages, cachemgr reports, cache peer > communications. These require a regular forward-proxy http_port without > intercept/tproxy options. Requests for these are being rejected by your > config (to_mysef ACL) but will also get these NAT failures first. But these rules existed before and that problem did not occur . BTW i commented those 2 lines to see what happens Amos Jeffries-2 wrote > What version of Squid are you using? 3.2 and later will silence the > above problem most of the time but it is still corrupting your logs. Sorry forgot to say . Ubuntu Linux 12.10 x86_64 squid 3.1.20-1ubuntu1.1 . packages are default ubuntu packages . Amos Jeffries-2 wrote > Please run "squid -k parse" over this config and fix anything it > highlights. Highlights ?! you mean Warnings ? only following warnings appears after your comments done . a bit explain please . 2013/10/11 13:46:12| WARNING: use of 'ignore-reload' in 'refresh_pattern' violates HTTP 2013/10/11 13:46:12| WARNING: use of 'ignore-no-cache' in 'refresh_pattern' violates HTTP 2013/10/11 13:46:12| WARNING: use of 'ignore-no-store' in 'refresh_pattern' violates HTTP 2013/10/11 13:46:12| WARNING: use of 'ignore-private' in 'refresh_pattern' violates HTTP 2013/10/11 13:46:12| WARNING: HTTP requires the use of Via Amos Jeffries-2 wrote > So what is the objection to via? > > Note that the special access controls you have to use to avoid the > probems removing it is causing will not prevent relay loops which happen > as 2-hop loops via the peer and will break the URLs being served up > directly by this proxy. Tried to hide the proxy as possible . you suggest turn it on ? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/IpIntercept-cc-137-NetfilterInterception-NF-getsockopt-SO-ORIGINAL-DST-failed-on-FD-4125-2-No-such-fy-tp4662558p4662578.html Sent from the Squid - Users mailing list archive at Nabble.com.
