Search squid archive

Re: Transparent Squid issue with Appstore in MacOS Sierra

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

here is my squid.conf http://pastebin.com/raw/9BTcpVkL

Here is what log looks like when i grep packates from Apple Devices when app store is opened.

1486551793.635    742 192.168.1.12 TAG_NONE/200 0 CONNECT 17.110.234.27:443 - ORIGINAL_DST/17.110.234.27 -
1486551796.343  30610 192.168.1.12 TAG_NONE/200 0 CONNECT 104.113.210.17:443 - HIER_NONE/- -
1486551796.343  30605 192.168.1.12 TCP_TUNNEL/200 30574 CONNECT init.itunes.apple.com:443 - ORIGINAL_DST/104.113.210.17 -
1486551799.097  30326 192.168.1.12 TAG_NONE/200 0 CONNECT 104.113.210.17:443 - HIER_NONE/- -
1486551799.097  30324 192.168.1.12 TCP_TUNNEL/200 30584 CONNECT init.itunes.apple.com:443 - ORIGINAL_DST/104.113.210.17 -
1486551799.502    726 192.168.1.12 TAG_NONE/200 0 CONNECT 17.110.234.27:443 - ORIGINAL_DST/17.110.234.27 -
2017/02/08 16:33:19 kid1| SECURITY ALERT: Host header forgery detected on local=17.173.66.101:443 remote=192.168.1.12:53158 FD 477 flags=33 (local IP does not match any domain IP)
1486551805.013  59549 192.168.1.12 TAG_NONE/200 0 CONNECT 17.110.234.27:443 - ORIGINAL_DST/17.110.234.27 -
2017/02/08 16:33:33 kid1| SECURITY ALERT: Host header forgery detected on local=104.113.210.17:443 remote=192.168.1.12:53159 FD 659 flags=33 (local IP does not match any domain IP)
1486551826.441  57130 192.168.1.12 TAG_NONE/200 0 CONNECT 17.173.66.96:443 - HIER_NONE/- -
1486551826.441  57052 192.168.1.12 TCP_TUNNEL/200 6671 CONNECT pd-st.itunes.apple.com:443 - ORIGINAL_DST/17.173.66.96 -
1486551852.061    211 192.168.1.12 TAG_NONE/200 0 CONNECT 104.113.210.11:443 - ORIGINAL_DST/104.113.210.11 -
1486551852.434    216 192.168.1.12 TCP_MISS/200 7010 GET https://configuration.apple.com/configurations/internetservices/cloudkit/cloudkit-1.0.plist - ORIGINAL_DST/104.113.210.11 text/xml
1486551881.425    234 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 -
1486551881.791    130 192.168.1.12 TCP_MISS_ABORTED/200 620 ACE https://guzzoni.apple.com/ace - ORIGINAL_DST/17.252.172.5 -
1486551882.684    207 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 -
1486551882.829    348 192.168.1.12 TCP_REFRESH_MODIFIED/200 415 HEAD http://www.apple.com/ - ORIGINAL_DST/104.113.211.46 text/html
1486551882.859     68 192.168.1.12 TCP_MISS/200 101 HEAD https://guzzoni.apple.com/salt - ORIGINAL_DST/17.252.172.5 -
1486551883.004    207 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 -
1486551883.083     67 192.168.1.12 TCP_MISS/406 133 HEAD https://guzzoni.apple.com/ace - ORIGINAL_DST/17.252.172.5 -
1486551884.123    202 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 -
1486551884.301     81 192.168.1.12 TCP_MISS_ABORTED/200 622 ACE https://guzzoni.apple.com/ace - ORIGINAL_DST/17.252.172.5 -
1486551886.908     43 192.168.1.12 TCP_REFRESH_MODIFIED/200 415 HEAD http://www.apple.com/ - ORIGINAL_DST/104.113.211.46 text/html
1486551887.085    207 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 -
1486551887.168     67 192.168.1.12 TCP_MISS/406 133 HEAD https://guzzoni.apple.com/ace - ORIGINAL_DST/17.252.172.5 -
1486551887.310    200 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 -
1486551887.416     68 192.168.1.12 TCP_MISS/200 101 HEAD https://guzzoni.apple.com/salt - ORIGINAL_DST/17.252.172.5 -


On Wed, Feb 8, 2017 at 12:35 AM, Hardik Dangar <hardikdangar+squid@xxxxxxxxx> wrote:
Hello,


Here is some information about my squid version,

Squid Cache: Version 3.5.23
Service Name: squid
configure options:  '--prefix=/usr' '--localstatedir=/var/squid' '--libexecdir=/lib/squid' '--srcdir=.' '--datadir=/share/squid' '--sysconfdir=/etc/squid' '--with-default-user=proxy' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' '--with-openssl' '--enable-ssl-crtd' '--enable-inline' '--disable-arch-native' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-follow-x-forwarded-for' '--enable-url-rewrite-helpers=fake' '--enable-ecap'


We are running squid as transparent proxy and have certs installed in all systems. Until recently all our systems were ubuntu or windows. Recently we added mac os Seirra and the biggest issue we had with mac is even after installing certificates. Few apps have problems.

Our biggest problem is Itunes Store. It just doesn't work for some reason. if we check the log we get random ip's trying to connect via 443 port but it doesn't connect.
Also Skype for Mac does not work. strangely this works for windows and ubuntu in our network. Again we see the same behavior.

both of these apps does not work even in Iphone and Ipad.

I believe someone must be able to configure transparent squid with Mac. can anyone tell me if i need to do anything extra for Mac setup.

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux