Chris,
Your [open proxy] configuration prohibits Squid from going direct
("never_direct allow all") but does not configure any cache_peers as an
alternative. Thus, Squid cannot forward any requests. Either remove
never_direct or add cache_peer(s). I recommend the former as a simpler
starting point.
Also, AFAICT, you are using direct curl-to-Squid TCP connections while
testing an http_port configured for _intercepted_ traffic. Perhaps that
explains why Squid does not even respond with an error page, but I am
not sure.
HTH,
Alex.
On 8/30/22 13:32, Chris XMT wrote:
I'm still not having any luck. I'd like to just leave it open and I
understand that it could be abused. My "CURL" results are;
curl -v --proxy http://SQUID_SERVER:3128 -I http://www.example.com
* About to connect() to proxy SQUID_SERVER port 3128 (#0)____
* Trying xxx.xxx.xxx.xxx...____
* Connected to SQUID_SERVER (xxx.xxx.xxx.xxx) port 3128 (#0)____
> HEAD http://www.example.com/ <http://www.example.com/> HTTP/1.1____
> User-Agent: curl/7.29.0____
> Host: www.example.com <http://www.example.com/>____
> Accept: */*____
> Proxy-Connection: Keep-Alive____
>__ __
* Empty reply from server____
* Connection #0 to host SQUID_SERVER left intact____
curl: (52) Empty reply from server
This is my configuration;
dns_v4_first on
__
never_direct allow all
__
sslproxy_cert_error allow all____
__
http_port 3128 intercept____
acl all src all____
http_access allow all
__
__
acl Safe_ports port 443____
acl Safe_ports port 80 # http____
http_access deny !Safe_ports____
__ __
acl http proto http____
acl port_80 port 80____
acl port_443 port 443____
acl CONNECT method CONNECT____
__
debug_options ALL,1 33,2 28,9
On Wed, Aug 17, 2022 at 2:01 PM Alex Rousskov
<rousskov@xxxxxxxxxxxxxxxxxxxxxxx
<mailto:rousskov@xxxxxxxxxxxxxxxxxxxxxxx>> wrote:
On 8/15/22 21:49, Marcelo wrote:
> How can I transfer connection information from one squid server
to another?
Use cache_peer login=PASSTHRU or login=PASS. Other login=... options
may
also be of interest. See cache_peer documentation in your
squid.conf.documented for details and caveats.
HTH,
Alex.
> Example:
>
> An user connects to Squid One (Squid One IP 192.1.1.1) through
port 4000
> using usr/pw credentials.
>
> Squid One authenticates it via SQL DB. This part is already
working fine.
>
> Squid One verifies if destination website is in dst domain list.
>
> If yes Squid One routes it to Route A. End of story.
>
> If no Squid One routes it to Squid Two.
>
> But Squid One must inform Squid Two who is the user and witch
port he
> asked to connect.
>
> Why? Because Squid Two must use this info as if the user itself is
> connecting to Squid Two.
> Why, again? Because Squid Two will use this info to route this
user to
> the correct route. This part is also done.
>
> My doubt is, is there a way to make Squid Two “thinks” that user is
> connecting direct to Squid Two, so that, Squid Two can use user/port
> information to route this poor little guy.
>
> It’s a bit hard to explain it through email.
>
> Best Regards.
>
> Marcelo.
>
>
> _______________________________________________
> squid-users mailing list
> squid-users@xxxxxxxxxxxxxxxxxxxxx
<mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx>
> http://lists.squid-cache.org/listinfo/squid-users
<http://lists.squid-cache.org/listinfo/squid-users>
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
<mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx>
http://lists.squid-cache.org/listinfo/squid-users
<http://lists.squid-cache.org/listinfo/squid-users>
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
