You simply need to comment out the "http_port XXXXX intercept" and give the process a HUP. I am using squid like that in a situation where both my PC and the one squid is running on have the same default route to the Internet. My Unix box: wash@jaribu:~$ netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 192.168.40.3 UGS 0 622022 em0 127.0.0.1 link#12 UH 0 29944 lo0 192.168.40.0/24 link#1 U 0 16456 em0 192.168.40.252 link#1 UHS 0 0 lo0 Windows PC: C:\Users\odhia_000>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Ethernet adapter Bluetooth Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Ethernet adapter Ethernet: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::2492:86dc:cf53:ecff%3 IPv4 Address. . . . . . . . . . . : 192.168.1.83 Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.40.83 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.40.3 On 18 September 2014 13:58, Job Muriuki <muriukin@gmail.com> wrote:
I have only managed to use squid if the box is used as a router, and NAT all traffic through it. But if I try to use it as a stand alone server just serving proxy requests and Getting the Forward loop detection.
Which other manuals are out there I can go through?
Regards, Job Muriuki,
Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob
Address: 42665 00100 Nrb
On Wed, Sep 17, 2014 at 9:28 PM, Odhiambo Washington via skunkworks < skunkworks@lists.my.co.ke> wrote:
Hahaa.. RTFM backwards that is.
On Wednesday, 17 September 2014, lucas oketch via skunkworks < skunkworks@lists.my.co.ke> wrote:
Try changing http_port x.x.x.x:3128 intercept to http_port x.x.x.x:3128 transparent
Thanks, Lucas. On 17 Sep 2014 13:30, "Evon Wangari via skunkworks" < skunkworks@lists.my.co.ke> wrote:
google, http://www.squid-cache.org/ hiyo mambo yote.
On Mon, Sep 15, 2014 at 4:30 PM, Job Muriuki via skunkworks < skunkworks@lists.my.co.ke> wrote:
Am using shorewall as the firewall.
Regards, Job Muriuki,
Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob
Address: 42665 00100 Nrb
On Mon, Sep 15, 2014 at 4:23 PM, Patrick Kariuki < patrick.kariuki@gmail.com> wrote:
Are you using iptables?
On Mon, Sep 15, 2014 at 4:07 PM, Job Muriuki <muriukin@gmail.com> wrote:
> This is the stripped squid.conf > > acl localnet src 172.16.0.0/16 # RFC1918 possible internal network > acl localnet src 192.168.0.0/16 # RFC1918 possible internal network > acl SSL_ports port 443 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl CONNECT method CONNECT > acl localnet src 10.10.23.1-10.10.23.254 > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access allow localhost manager > http_access allow localnet > http_access allow localhost > http_access allow localnet > http_access deny manager > http_access allow localnet > http_access deny all > htcp_access allow localnet > http_port 3128 intercept > cache_mem 256 MB > maximum_object_size_in_memory 512 KB > memory_replacement_policy lru > cache_replacement_policy lru > cache_dir ufs /var/spool/squid3 51200 16 256 > #no limit > maximum_object_size 512 MB > cache_swap_low 90 > cache_swap_high 95 > access_log daemon:/var/log/squid3/access.log squid > logfile_rotate 5 > cache_log /var/log/squid3/cache.log > coredump_dir /var/spool/squid3 > refresh_pattern -i > \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 20160 > 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims > refresh_pattern -i > \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 20160 > 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims > refresh_pattern -i > \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 20160 > 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims > refresh_pattern -i > \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) > 20160 80% 20160 ignore-no-cache override-expire override-lastmod > reload-into-ims > refresh_pattern -i > \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) > 20160 80% 20160 ignore-no-cache override-expire override-lastmod > reload-into-ims > refresh_pattern ^ftp: 1440 20% 10080 > refresh_pattern ^gopher: 1440 0% 1440 > refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 > refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 > refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600 > refresh_pattern . 0 20% 4320 > quick_abort_min 16 KB > quick_abort_max 16 KB > quick_abort_pct 95 > half_closed_clients off > shutdown_lifetime 0 seconds > cache_effective_user proxy > memory_pools on > client_db on > pipeline_prefetch on > cache_effective_group proxy > > > Regards, > Job Muriuki, > > Phone: (+254) - 722906324 | 736333075 > Skype: heviejob | Yahoo: heviejob > > Address: 42665 00100 Nrb > > > > > On Mon, Sep 15, 2014 at 4:00 PM, Patrick Kariuki < > patrick.kariuki@gmail.com> wrote: > >> Post your current squid.conf >> >> On Mon, Sep 15, 2014 at 2:42 PM, Job Muriuki via skunkworks < >> skunkworks@lists.my.co.ke> wrote: >> >>> This is my network configuration >>> >>> [image: Inline image 1] >>> >>> I have even tried connecting the proxy server using 2 networks one >>> for receive the users connections >>> and the other as the internet gateway to no avail. >>> >>> >>> >>> >>> >>> Regards, >>> Job Muriuki, >>> >>> Phone: (+254) - 722906324 | 736333075 >>> Skype: heviejob | Yahoo: heviejob >>> >>> Address: 42665 00100 Nrb >>> >>> >>> >>> >>> On Mon, Sep 15, 2014 at 1:16 PM, Job Muriuki <muriukin@gmail.com> >>> wrote: >>> >>>> Hello, >>>> >>>> Squid 3.3.8 is now working as the earlier versions I have used >>>> before in transparent mode. >>>> Its giving me "warning forwarding loop detected for" in cacge.log >>>> and "*Access Denied.*" on the browser. >>>> >>>> Anyone with any pointers on how t use it in transparent mode? >>>> >>>> Regards, >>>> Job Muriuki, >>>> >>>> Phone: (+254) - 722906324 | 736333075 >>>> Skype: heviejob | Yahoo: heviejob >>>> >>>> Address: 42665 00100 Nrb >>>> >>>> >>>> >>>> >>> >>> _______________________________________________ >>> skunkworks mailing list >>> skunkworks@lists.my.co.ke >>> ------------ >>> List info, subscribe/unsubscribe >>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks >>> ------------ >>> >>> Skunkworks Rules >>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 >>> ------------ >>> Other services @ http://my.co.ke >>> >> >> >
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."
