On 20/10/18 6:04 AM, Alex Rousskov wrote: > On 10/19/2018 01:10 AM, houheming wrote: >> https_port 443 ... >> https_port 180.97.33.107:443 ... >> https_port 180.97.33.108:443 ... > > I am not sure, but perhaps the first https_port line (the one without an > explicit IP address) should come _last_ so that Squid can listen on the > addresses that remain after 180.97.33.107 and 180.97.33.108 are taken by > the other two ports? I think that is what was meant by "If I switch line1 with line2 and line3 ..., then only line2 and line3 will get its chance to work, line1 will not work. " The problem is that TCP does not permit any IP:port combination to have two simultaneous listening sockets with different parameters. These configuration lines differ in both address and protocol they are receiving. houheming: you have to use different ports to receive the traffic into Squid. Since you are using TPROXY there is no requirement for the proxy listening port to be 443. Squid can listen on any port you want. This problem should disappear if you set the wildcard port to another number and update the TPROXY rule which is sending traffic to it. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
