Search squid archive

Re: icap not answering

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 05.03.19 06:13, Amos Jeffries wrote:
On 5/03/19 12:10 pm, steven wrote:
Ah thank you for that clarification, the python icap servers i tested so
far are not very promissing but at least theres a connection now.

sadly squid does not allow http access at all, only https access.

Er, that would be because the only http_port you have is configured with
'accl' - making it a reverse-proxy port. But you do not have any
cache_peer configured to handle that type of traffic.


So, is there any particular reason you have that port receiving 'accel'
/ reverse-proxy mode traffic?
 If not remove that mode flag and things should all work for HTTP too.


removed the accel mode but still no luck with http, when opening the adress:

http://squid-web-proxy-cache.1019090.n4.nabble.com/http-port-with-quot-transparent-quot-or-quot-intercept-quot-td4677133.html


The following error was encountered while trying to retrieve the URL: /http-port-with-quot-transparent-quot-or-quot-intercept-quot-td4677133.html


invalid url




in this tutorial:

https://www.reddit.com/r/sysadmin/comments/a67hly/squid_proxy_a_short_guide_forward_transparent/


the guy uses two ports for http like this:

http_port 3128
# Listen on this HTTP port, intercepting requests
http_port 3129 intercept

and then with iptables he redirects 80 to port 3129

which does not work here :(


export http_proxy=http://192.168.10.215:3140 && wget google.de        # im using 3140 as intercept port. config at the end.

--2019-03-10 20:20:56--  http://google.de/
Connecting to 192.168.10.215:3140... connected.
Proxy request sent, awaiting response... 403 Forbidden
2019-03-10 20:20:56 ERROR 403: Forbidden.

cache.log entry:

2019/03/10 20:16:20 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1
User-Agent: Wget/1.19.4 (linux-gnu)
Accept: */*
Accept-Encoding: identity
Via: 1.1 backup (squid/4.4)
Cache-Control: max-age=259200
Connection: keep-alive
Host: google.de



and with:

export http_proxy=http://192.168.10.215:3129 && wget google.de

no cache .log entry, wget output:

--2019-03-10 20:22:42--  (try: 2)  http://google.de/
Connecting to 192.168.10.215:3129... connected.
Proxy request sent, awaiting response... No data received.
Retrying.


why does my client get a 403?






grep -v '#' squid.conf


icap_enable off
icap_preview_enable off
icap_send_client_ip on
icap_send_client_username on
icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/request
adaptation_access service_req allow all
icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/response
adaptation_access service_resp allow all
acl localnet src 192.168.10.0/24
http_access allow localnet
coredump_dir /var/spool/squid
refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
refresh_pattern .        0    20%    4320
http_port 3128
http_port 3140 intercept
https_port 3129 ssl-bump intercept generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/myCA.pem
sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/ssl_db -M 4MB
acl step1 at_step SslBump1

ssl_bump peek step1
ssl_bump bump all




_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux