Are you using iptables? On Mon, Sep 15, 2014 at 4:07 PM, Job Muriuki <muriukin@gmail.com> wrote:
This is the stripped squid.conf
acl localnet src 172.16.0.0/16 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl localnet src 10.10.23.1-10.10.23.254 http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access allow localnet http_access allow localhost http_access allow localnet http_access deny manager http_access allow localnet http_access deny all htcp_access allow localnet http_port 3128 intercept cache_mem 256 MB maximum_object_size_in_memory 512 KB memory_replacement_policy lru cache_replacement_policy lru cache_dir ufs /var/spool/squid3 51200 16 256 #no limit maximum_object_size 512 MB cache_swap_low 90 cache_swap_high 95 access_log daemon:/var/log/squid3/access.log squid logfile_rotate 5 cache_log /var/log/squid3/cache.log coredump_dir /var/spool/squid3 refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600 refresh_pattern . 0 20% 4320 quick_abort_min 16 KB quick_abort_max 16 KB quick_abort_pct 95 half_closed_clients off shutdown_lifetime 0 seconds cache_effective_user proxy memory_pools on client_db on pipeline_prefetch on cache_effective_group proxy
Regards, Job Muriuki,
Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob
Address: 42665 00100 Nrb
On Mon, Sep 15, 2014 at 4:00 PM, Patrick Kariuki < patrick.kariuki@gmail.com> wrote:
Post your current squid.conf
On Mon, Sep 15, 2014 at 2:42 PM, Job Muriuki via skunkworks < skunkworks@lists.my.co.ke> wrote:
This is my network configuration
[image: Inline image 1]
I have even tried connecting the proxy server using 2 networks one for receive the users connections and the other as the internet gateway to no avail.
Regards, Job Muriuki,
Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob
Address: 42665 00100 Nrb
On Mon, Sep 15, 2014 at 1:16 PM, Job Muriuki <muriukin@gmail.com> wrote:
Hello,
Squid 3.3.8 is now working as the earlier versions I have used before in transparent mode. Its giving me "warning forwarding loop detected for" in cacge.log and "*Access Denied.*" on the browser.
Anyone with any pointers on how t use it in transparent mode?
Regards, Job Muriuki,
Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob
Address: 42665 00100 Nrb
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
