Post your current squid.conf On Mon, Sep 15, 2014 at 2:42 PM, Job Muriuki via skunkworks < skunkworks@lists.my.co.ke> wrote:

This is my network configuration

[image: Inline image 1]

I have even tried connecting the proxy server using 2 networks one for receive the users connections and the other as the internet gateway to no avail.

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Mon, Sep 15, 2014 at 1:16 PM, Job Muriuki <muriukin@gmail.com> wrote:

...

Hello,

Squid 3.3.8 is now working as the earlier versions I have used before in transparent mode. Its giving me "warning forwarding loop detected for" in cacge.log and "*Access Denied.*" on the browser.

Anyone with any pointers on how t use it in transparent mode?

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

Are you using iptables? On Mon, Sep 15, 2014 at 4:07 PM, Job Muriuki <muriukin@gmail.com> wrote:

This is the stripped squid.conf

acl localnet src 172.16.0.0/16 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl localnet src 10.10.23.1-10.10.23.254 http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access allow localnet http_access allow localhost http_access allow localnet http_access deny manager http_access allow localnet http_access deny all htcp_access allow localnet http_port 3128 intercept cache_mem 256 MB maximum_object_size_in_memory 512 KB memory_replacement_policy lru cache_replacement_policy lru cache_dir ufs /var/spool/squid3 51200 16 256 #no limit maximum_object_size 512 MB cache_swap_low 90 cache_swap_high 95 access_log daemon:/var/log/squid3/access.log squid logfile_rotate 5 cache_log /var/log/squid3/cache.log coredump_dir /var/spool/squid3 refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600 refresh_pattern . 0 20% 4320 quick_abort_min 16 KB quick_abort_max 16 KB quick_abort_pct 95 half_closed_clients off shutdown_lifetime 0 seconds cache_effective_user proxy memory_pools on client_db on pipeline_prefetch on cache_effective_group proxy

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Mon, Sep 15, 2014 at 4:00 PM, Patrick Kariuki < patrick.kariuki@gmail.com> wrote:

...

Post your current squid.conf

On Mon, Sep 15, 2014 at 2:42 PM, Job Muriuki via skunkworks < skunkworks@lists.my.co.ke> wrote:

...

This is my network configuration

[image: Inline image 1]

I have even tried connecting the proxy server using 2 networks one for receive the users connections and the other as the internet gateway to no avail.

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Mon, Sep 15, 2014 at 1:16 PM, Job Muriuki <muriukin@gmail.com> wrote:

...

Hello,

Squid 3.3.8 is now working as the earlier versions I have used before in transparent mode. Its giving me "warning forwarding loop detected for" in cacge.log and "*Access Denied.*" on the browser.

Anyone with any pointers on how t use it in transparent mode?

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

google, http://www.squid-cache.org/ hiyo mambo yote. On Mon, Sep 15, 2014 at 4:30 PM, Job Muriuki via skunkworks < skunkworks@lists.my.co.ke> wrote:

Am using shorewall as the firewall.

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Mon, Sep 15, 2014 at 4:23 PM, Patrick Kariuki < patrick.kariuki@gmail.com> wrote:

...

Are you using iptables?

On Mon, Sep 15, 2014 at 4:07 PM, Job Muriuki <muriukin@gmail.com> wrote:

...

This is the stripped squid.conf

acl localnet src 172.16.0.0/16 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl localnet src 10.10.23.1-10.10.23.254 http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access allow localnet http_access allow localhost http_access allow localnet http_access deny manager http_access allow localnet http_access deny all htcp_access allow localnet http_port 3128 intercept cache_mem 256 MB maximum_object_size_in_memory 512 KB memory_replacement_policy lru cache_replacement_policy lru cache_dir ufs /var/spool/squid3 51200 16 256 #no limit maximum_object_size 512 MB cache_swap_low 90 cache_swap_high 95 access_log daemon:/var/log/squid3/access.log squid logfile_rotate 5 cache_log /var/log/squid3/cache.log coredump_dir /var/spool/squid3 refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600 refresh_pattern . 0 20% 4320 quick_abort_min 16 KB quick_abort_max 16 KB quick_abort_pct 95 half_closed_clients off shutdown_lifetime 0 seconds cache_effective_user proxy memory_pools on client_db on pipeline_prefetch on cache_effective_group proxy

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Mon, Sep 15, 2014 at 4:00 PM, Patrick Kariuki < patrick.kariuki@gmail.com> wrote:

...

Post your current squid.conf

On Mon, Sep 15, 2014 at 2:42 PM, Job Muriuki via skunkworks < skunkworks@lists.my.co.ke> wrote:

...

This is my network configuration

[image: Inline image 1]

I have even tried connecting the proxy server using 2 networks one for receive the users connections and the other as the internet gateway to no avail.

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Mon, Sep 15, 2014 at 1:16 PM, Job Muriuki <muriukin@gmail.com> wrote:

...

Hello,

Squid 3.3.8 is now working as the earlier versions I have used before in transparent mode. Its giving me "warning forwarding loop detected for" in cacge.log and "*Access Denied.*" on the browser.

Anyone with any pointers on how t use it in transparent mode?

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

Hahaa.. RTFM backwards that is. On Wednesday, 17 September 2014, lucas oketch via skunkworks < skunkworks@lists.my.co.ke> wrote:

Try changing http_port x.x.x.x:3128 intercept to http_port x.x.x.x:3128 transparent

Thanks, Lucas. On 17 Sep 2014 13:30, "Evon Wangari via skunkworks" < skunkworks@lists.my.co.ke <javascript:_e(%7B%7D,'cvml','skunkworks@lists.my.co.ke');>> wrote:

...

google, http://www.squid-cache.org/ hiyo mambo yote.

On Mon, Sep 15, 2014 at 4:30 PM, Job Muriuki via skunkworks < skunkworks@lists.my.co.ke <javascript:_e(%7B%7D,'cvml','skunkworks@lists.my.co.ke');>> wrote:

...

Am using shorewall as the firewall.

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Mon, Sep 15, 2014 at 4:23 PM, Patrick Kariuki < patrick.kariuki@gmail.com <javascript:_e(%7B%7D,'cvml','patrick.kariuki@gmail.com');>> wrote:

...

Are you using iptables?

On Mon, Sep 15, 2014 at 4:07 PM, Job Muriuki <muriukin@gmail.com <javascript:_e(%7B%7D,'cvml','muriukin@gmail.com');>> wrote:

...

This is the stripped squid.conf

acl localnet src 172.16.0.0/16 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl localnet src 10.10.23.1-10.10.23.254 http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access allow localnet http_access allow localhost http_access allow localnet http_access deny manager http_access allow localnet http_access deny all htcp_access allow localnet http_port 3128 intercept cache_mem 256 MB maximum_object_size_in_memory 512 KB memory_replacement_policy lru cache_replacement_policy lru cache_dir ufs /var/spool/squid3 51200 16 256 #no limit maximum_object_size 512 MB cache_swap_low 90 cache_swap_high 95 access_log daemon:/var/log/squid3/access.log squid logfile_rotate 5 cache_log /var/log/squid3/cache.log coredump_dir /var/spool/squid3 refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600 refresh_pattern . 0 20% 4320 quick_abort_min 16 KB quick_abort_max 16 KB quick_abort_pct 95 half_closed_clients off shutdown_lifetime 0 seconds cache_effective_user proxy memory_pools on client_db on pipeline_prefetch on cache_effective_group proxy

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Mon, Sep 15, 2014 at 4:00 PM, Patrick Kariuki < patrick.kariuki@gmail.com <javascript:_e(%7B%7D,'cvml','patrick.kariuki@gmail.com');>> wrote:

...

Post your current squid.conf

On Mon, Sep 15, 2014 at 2:42 PM, Job Muriuki via skunkworks < skunkworks@lists.my.co.ke <javascript:_e(%7B%7D,'cvml','skunkworks@lists.my.co.ke');>> wrote:

> This is my network configuration > > [image: Inline image 1] > > I have even tried connecting the proxy server using 2 networks one > for receive the users connections > and the other as the internet gateway to no avail. > > > > > > Regards, > Job Muriuki, > > Phone: (+254) - 722906324 | 736333075 > Skype: heviejob | Yahoo: heviejob > > Address: 42665 00100 Nrb > > > > > On Mon, Sep 15, 2014 at 1:16 PM, Job Muriuki <muriukin@gmail.com > <javascript:_e(%7B%7D,'cvml','muriukin@gmail.com');>> wrote: > >> Hello, >> >> Squid 3.3.8 is now working as the earlier versions I have used >> before in transparent mode. >> Its giving me "warning forwarding loop detected for" in cacge.log >> and "*Access Denied.*" on the browser. >> >> Anyone with any pointers on how t use it in transparent mode? >> >> Regards, >> Job Muriuki, >> >> Phone: (+254) - 722906324 | 736333075 >> Skype: heviejob | Yahoo: heviejob >> >> Address: 42665 00100 Nrb >> >> >> >> > > _______________________________________________ > skunkworks mailing list > skunkworks@lists.my.co.ke > <javascript:_e(%7B%7D,'cvml','skunkworks@lists.my.co.ke');> > ------------ > List info, subscribe/unsubscribe > http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks > ------------ > > Skunkworks Rules > http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 > ------------ > Other services @ http://my.co.ke >

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke <javascript:_e(%7B%7D,'cvml','skunkworks@lists.my.co.ke');> ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke <javascript:_e(%7B%7D,'cvml','skunkworks@lists.my.co.ke');> ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."

You simply need to comment out the "http_port XXXXX intercept" and give the process a HUP. I am using squid like that in a situation where both my PC and the one squid is running on have the same default route to the Internet. My Unix box: wash@jaribu:~$ netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 192.168.40.3 UGS 0 622022 em0 127.0.0.1 link#12 UH 0 29944 lo0 192.168.40.0/24 link#1 U 0 16456 em0 192.168.40.252 link#1 UHS 0 0 lo0 Windows PC: C:\Users\odhia_000>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Ethernet adapter Bluetooth Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Ethernet adapter Ethernet: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::2492:86dc:cf53:ecff%3 IPv4 Address. . . . . . . . . . . : 192.168.1.83 Subnet Mask . . . . . . . . . . . : 255.255.255.0 IPv4 Address. . . . . . . . . . . : 192.168.40.83 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.40.3 On 18 September 2014 13:58, Job Muriuki <muriukin@gmail.com> wrote:

I have only managed to use squid if the box is used as a router, and NAT all traffic through it. But if I try to use it as a stand alone server just serving proxy requests and Getting the Forward loop detection.

Which other manuals are out there I can go through?

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Wed, Sep 17, 2014 at 9:28 PM, Odhiambo Washington via skunkworks < skunkworks@lists.my.co.ke> wrote:

...

Hahaa.. RTFM backwards that is.

On Wednesday, 17 September 2014, lucas oketch via skunkworks < skunkworks@lists.my.co.ke> wrote:

...

Try changing http_port x.x.x.x:3128 intercept to http_port x.x.x.x:3128 transparent

Thanks, Lucas. On 17 Sep 2014 13:30, "Evon Wangari via skunkworks" < skunkworks@lists.my.co.ke> wrote:

...

google, http://www.squid-cache.org/ hiyo mambo yote.

On Mon, Sep 15, 2014 at 4:30 PM, Job Muriuki via skunkworks < skunkworks@lists.my.co.ke> wrote:

...

Am using shorewall as the firewall.

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Mon, Sep 15, 2014 at 4:23 PM, Patrick Kariuki < patrick.kariuki@gmail.com> wrote:

...

Are you using iptables?

On Mon, Sep 15, 2014 at 4:07 PM, Job Muriuki <muriukin@gmail.com> wrote:

> This is the stripped squid.conf > > acl localnet src 172.16.0.0/16 # RFC1918 possible internal network > acl localnet src 192.168.0.0/16 # RFC1918 possible internal network > acl SSL_ports port 443 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl CONNECT method CONNECT > acl localnet src 10.10.23.1-10.10.23.254 > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access allow localhost manager > http_access allow localnet > http_access allow localhost > http_access allow localnet > http_access deny manager > http_access allow localnet > http_access deny all > htcp_access allow localnet > http_port 3128 intercept > cache_mem 256 MB > maximum_object_size_in_memory 512 KB > memory_replacement_policy lru > cache_replacement_policy lru > cache_dir ufs /var/spool/squid3 51200 16 256 > #no limit > maximum_object_size 512 MB > cache_swap_low 90 > cache_swap_high 95 > access_log daemon:/var/log/squid3/access.log squid > logfile_rotate 5 > cache_log /var/log/squid3/cache.log > coredump_dir /var/spool/squid3 > refresh_pattern -i > \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 20160 > 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims > refresh_pattern -i > \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 20160 > 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims > refresh_pattern -i > \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 20160 > 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims > refresh_pattern -i > \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) > 20160 80% 20160 ignore-no-cache override-expire override-lastmod > reload-into-ims > refresh_pattern -i > \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) > 20160 80% 20160 ignore-no-cache override-expire override-lastmod > reload-into-ims > refresh_pattern ^ftp: 1440 20% 10080 > refresh_pattern ^gopher: 1440 0% 1440 > refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 > refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 > refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600 > refresh_pattern . 0 20% 4320 > quick_abort_min 16 KB > quick_abort_max 16 KB > quick_abort_pct 95 > half_closed_clients off > shutdown_lifetime 0 seconds > cache_effective_user proxy > memory_pools on > client_db on > pipeline_prefetch on > cache_effective_group proxy > > > Regards, > Job Muriuki, > > Phone: (+254) - 722906324 | 736333075 > Skype: heviejob | Yahoo: heviejob > > Address: 42665 00100 Nrb > > > > > On Mon, Sep 15, 2014 at 4:00 PM, Patrick Kariuki < > patrick.kariuki@gmail.com> wrote: > >> Post your current squid.conf >> >> On Mon, Sep 15, 2014 at 2:42 PM, Job Muriuki via skunkworks < >> skunkworks@lists.my.co.ke> wrote: >> >>> This is my network configuration >>> >>> [image: Inline image 1] >>> >>> I have even tried connecting the proxy server using 2 networks one >>> for receive the users connections >>> and the other as the internet gateway to no avail. >>> >>> >>> >>> >>> >>> Regards, >>> Job Muriuki, >>> >>> Phone: (+254) - 722906324 | 736333075 >>> Skype: heviejob | Yahoo: heviejob >>> >>> Address: 42665 00100 Nrb >>> >>> >>> >>> >>> On Mon, Sep 15, 2014 at 1:16 PM, Job Muriuki <muriukin@gmail.com> >>> wrote: >>> >>>> Hello, >>>> >>>> Squid 3.3.8 is now working as the earlier versions I have used >>>> before in transparent mode. >>>> Its giving me "warning forwarding loop detected for" in cacge.log >>>> and "*Access Denied.*" on the browser. >>>> >>>> Anyone with any pointers on how t use it in transparent mode? >>>> >>>> Regards, >>>> Job Muriuki, >>>> >>>> Phone: (+254) - 722906324 | 736333075 >>>> Skype: heviejob | Yahoo: heviejob >>>> >>>> Address: 42665 00100 Nrb >>>> >>>> >>>> >>>> >>> >>> _______________________________________________ >>> skunkworks mailing list >>> skunkworks@lists.my.co.ke >>> ------------ >>> List info, subscribe/unsubscribe >>> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks >>> ------------ >>> >>> Skunkworks Rules >>> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 >>> ------------ >>> Other services @ http://my.co.ke >>> >> >> >

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."

AS per this config <http://myconfigure.blogspot.com/2013/03/transparent-squid-332-328-on-ubuntu.html> . Regards, Job Muriuki, Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob Address: 42665 00100 Nrb On Mon, Sep 15, 2014 at 4:10 PM, Odhiambo Washington via skunkworks < skunkworks@lists.my.co.ke> wrote:

Should you be really using intercept mode in this scenario? I believe intercept mode is used when traffic is redirected within the same server, not when the traffic is coming from a different device (router).

On 15 September 2014 14:42, Job Muriuki via skunkworks < skunkworks@lists.my.co.ke> wrote:

...

This is my network configuration

[image: Inline image 1]

I have even tried connecting the proxy server using 2 networks one for receive the users connections and the other as the internet gateway to no avail.

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

On Mon, Sep 15, 2014 at 1:16 PM, Job Muriuki <muriukin@gmail.com> wrote:

...

Hello,

Squid 3.3.8 is now working as the earlier versions I have used before in transparent mode. Its giving me "warning forwarding loop detected for" in cacge.log and "*Access Denied.*" on the browser.

Anyone with any pointers on how t use it in transparent mode?

Regards, Job Muriuki,

Phone: (+254) - 722906324 | 736333075 Skype: heviejob | Yahoo: heviejob

Address: 42665 00100 Nrb

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke

-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."

_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------

Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke