On 2024-08-31 15:00, Scott Bates wrote:
The squid logs show traffic going to the expected destinations.
I assume that the above statement does _not_ talk about problematic
traffic. In other words, Squid does handle some transactions, but not
the problematic transactions you are asking about. I believe the above
observation confirms part (a) of my working theory.
If I look at wireshark on one of the client systems I do see some http
entries going to those destinations through the squid server.
OK, for the purpose of this email thread, ignore traffic going through
the Squid server.
However
most of the traffic (UDP / TCP) doesn't seem to be going through the
squid server.
UDP: Squid does not proxy UDP-based protocols. If you want to proxy UDP,
Squid is not the solution.
TCP: Squid can proxy HTTP/1 and FTP transactions (over TCP). Does that
problematic TCP traffic in question contain HTTP or FTP transactions
(i.e. originates from HTTP or FTP clients running on test VMs)? If not,
then your existing "HTTP proxy configuration" on test VMs is probably
not applicable -- the clients on those VMs probably ignore that HTTP
proxy setting because they do not talk HTTP...
I'm not sure how to force all traffic to use squid on the client system.
I do not know enough about Windows to help you with this Squid-unrelated
configuration, but please note that since Squid cannot proxy traffic
other than HTTP and FTP, you probably do not want to force traffic other
than HTTP and FTP through Squid. In other words, Squid is not a
"universal" proxy that can proxy everything.
HTH,
Alex.
On 2024-08-28 09:14, Alex Rousskov wrote:
On 2024-08-28 08:52, Scott Bates wrote:
Alex: What protocol do those external services use in problematic use
cases?>> Does Squid see the corresponding requests from VMs?
Squid can only proxy HTTP and FTP...
http and https only
Does Squid log the corresponding problematic transactions to its
access.log?
The weird thing is I have an android test phone that also goes through
squid and that device shows the correct IP on the online services.
My working theory is that (a) android test phone goes through Squid
(i.e. uses Squid as an HTTP proxy) while (b) the problematic test
traffic does not (i.e. goes directly to the external service).
The first guess can be confirmed using access.log (should be trivial in
an isolated test environment). The second guess can be confirmed by
packet capture analysis (may not be trivial in a virtualized environment
and on Windows).
HTH,
Alex.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users
