problem whith squid and google search engine

Дмитрий Шиленко <d.shylenko@xxxxxxxxxxxxxxxx> · Tue, 10 Jun 2014 00:30:22 +0300

that's what gives me Google immediately after the start of the SQUID:

"Google sorry.... We're sorry ...but your computer or network may be sending 
automated queries. To protect our osers, we can't process your request right 
now."

and I found these lines in access.log:

"1402348733.904      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 09
1402348733.910      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348733.993      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348733.999      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348734.083      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348734.089      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348734.161     31 82.230.87.168 TCP_DENIED/403 3643 CONNECT 
66.163.169.178:443 - HIER_NONE/- text/html [User-Agent: Mozilla/4.0 
(compatible; Win32; WinHttp.WinHttpR
1402348734.173      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348734.177      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348734.721     31 182.84.98.180 TCP_DENIED/403 3770 GET 
http://www.tonxshop.com/ - HIER_NONE/- text/html [Accept: */*\r\nReferer: 
http://www.baidu.com\r\nAccept-Lan
1402348735.261      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348735.266      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348735.350      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348735.356      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348735.372     33 114.45.156.32 TCP_DENIED/403 3473 GET 
http://www.google.com/ - HIER_NONE/- text/html [Host: www.google.com\r\n] 
[HTTP/1.1 403 Forbidden\r\nServer:
1402348735.409     31 46.4.101.88 TCP_DENIED/403 3779 GET 
http://us.search.yahoo.com/search? - HIER_NONE/- text/html [Accept: 
text/html\r\nUser-Agent: &as_qdr=all\r\nHo
1402348735.440      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348735.444      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348735.528      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348735.534      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348735.619      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348735.622      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348735.709      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348735.712      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348735.791      0 182.84.98.180 TCP_DENIED/403 3770 GET 
http://www.tonxshop.com/ - HIER_NONE/- text/html [Accept: */*\r\nReferer: 
http://www.baidu.com\r\nAccept-Lan
1402348735.798      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348735.802      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348735.887      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348735.890      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348735.965      0 182.84.98.180 TCP_DENIED/403 3829 GET 
http://www.tonxshop.com/user/User_Login.asp - HIER_NONE/- text/html [Accept: 
*/*\r\nReferer: http://www.baid
1402348735.976      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348735.980      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348736.005     32 93.92.217.228 TCP_DENIED/403 3572 CONNECT 
twitter.com:443 - HIER_NONE/- text/html [Host: 
twitter.com\r\nProxy-Connection: Keep-Alive\r\nUser-Agent
1402348736.064      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348736.068      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
1402348736.153      0 94.102.49.2 NONE/400 247 HEAD / - HIER_NONE/- text/html 
[] [HTTP/1.1 400 Bad Request\r\nServer: squid/3.3.11\r\nMime-Version: 
1.0\r\nDate: Mon, 09
1402348736.159      0 94.102.49.2 NONE/400 3770 POST / - HIER_NONE/- 
text/html [] [HTTP/1.1 400 Bad Request\r\nServer: 
squid/3.3.11\r\nMime-Version: 1.0\r\nDate: Mon, 0
"
-------------------------------------------------------------------------------------------------------------------
Дмитрий Шиленко писал 09.06.2014 10:26:
my mistake - I have this line commented out in the original configuration. 
When I put the configuration in a letter - accidentally deleted the comment 
character "#"

Amos Jeffries писал 09.06.2014 10:12:
On 9/06/2014 6:24 p.m., Дмитрий Шиленко wrote:
This is my config file:

http_port 127.0.0.1:3128
http_port 127.0.0.1:3129 intercept

Okay, so Squid takes in:
 * forward-proxy traffic to port 3128
 * NAT intercepted port 80 traffc (via port 3129)

Google does not use HTTP anymore. They use HTTPS almost exclusively.
Which means port 443 TLS encrypted traffic or CONNECT requests over port
3128.

But...

connect_timeout 20 second
dns_v4_first on
shutdown_lifetime 1 seconds
cache deny all
#cache_mem 256 MB
#maximum_object_size_in_memory 512 KB
coredump_dir /usr/local/squid
access_log daemon:/usr/local/squid/log/access.log squid
#strip_query_terms off
log_mime_hdrs on
#forwarded_for transparent
#via off
cache_mgr root@localhost
visible_hostname proxy.localnet.local

acl localnet src 192.168.0.0/24 # RFC1918 possible internal network
acl CONNECT method CONNECT
acl AdminsIP src "/usr/local/etc/squid/AccessLists/AdminsIP.txt"
acl RestrictedDomains dstdomain
"/usr/local/etc/squid/AccessLists/RestrictedDomains.txt"
acl MimeAudioVideo  rep_mime_type audio video
acl UrlIP url_regex -i
^http://[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/.*

http_access allow manager localhost
#http_access allow manager CacheManagerIP
http_access deny manager
#Значение disable all отключает управление кэшем
#cachemgr_passwd disable all

http_access deny CONNECT

... you have denied all use of CONNECT. Even to transfer HTTPS.

The default recommended config has "!SSL_Ports" on the end of that line
in order to permit HTTPS traffic like google through the proxy.

Also, check that you are NOT intercepting or bocking port 443. Your
Squid is currently not setup to handle TLS/SSL.

Amos

http_access deny to_localhost
http_access allow AdminsIP
http_access deny RestrictedDomains
#http_access deny UrlIP
http_access allow localnet
http_access deny all
#http_reply_access allow AdminsIP
#http_reply_access deny MimeAudioVideo
http_reply_access allow all
#refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

Amos Jeffries писал 09.06.2014 04:11:
On 9/06/2014 3:10 a.m., Дмитрий Шиленко wrote:
There is a very strange problem. I have freebsd 9.1 gateway configured
with ipfv ipnat and I decided to set up a squid. Installed from ports
SQUID 3.3. As soon as I run it - gugle.tsom immediately blocks my
network and try to access the search engine says that my requests are
sent automatically.Once turn off the squid - all ok. Prompt in what
could be the problem?

Something in the configuration. But you omitted those details aong with
the actual error message details. So we cannot help more than that.

Amos

--
 С ув. Шиленко Дмитрий
 Системный инженер
 global-it.com.ua
 моб. (063)142-32-59
 офис 221-55-72