[squid-users] Fwd: Squid problem with OpenBSD (The Solution) from Henrik Nordstrom on 2001-06-01 (squid-users)

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 01 Jun 2001 09:13:20 +0200

attached mail follows:

Dear friends,

My problem with squid in OpenBSD 2.8 is solved.
With special help of:

Henrik Nordstrom <hno@hem.passagen.se>
Chuck Yerkes <chuck@snew.com>
Larry Moore <lmoore@starwon.com.au>
Robert Collins <robert.collins@itdomain.com.au>
J.C. Roberts <unknown@abac.com>
Adrian Chadd <adrian@creative.net.au>
Peter Verhagen <miscbsd@sapl.ab.ca>
dreamwvr@dreamwvr.com

1) Steps of my squid solution (transparent web proxy):
======================================================

1.a) Operational System

OpenBSD 2.8

1.b) Compiling Squid

env "CFLAGS=-O -g" ./configure --enable-ipf-transparent
make clean
make
make install

1.c) Configuring squid with transparent proxy

httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

1.d) Changing the NAT device properties in OpenBSD system

chmod +r /dev/ipnat

1.e) OpenBSD configuration

/etc/ipnat.rules

> rdr xl3 0.0.0.0/0 port 80 -> 127.0.0.1 port 3128

2. Errors in process
====================

2.a) Error in Web access (OpenBSD proxy transparent on)
(HTML page in client Web)

> ERROR
> The requested URL could not be retrieved
>
> --------------------------------------------------------------------------

--
> ----
>
> While trying to retrieve the URL: /
>
> The following error was encountered:
>
> Invalid URL
> Some aspect of the requested URL is incorrect. Possible problems:
>
> Missing or incorrect access protocol (should be `http://'' or similar)
> Missing hostname
> Illegal double-escape in the URL-Path
> Illegal character in hostname; underscores are not allowed
>
2.b) Squid log error (part 1)
     (Solution: 1.b)
>
> ...storeLateRelease: released 0 objects
> FATAL: Received Segment Violation...dying  <----- ERROR
> ...
> Page faults with physical i/o: 0           <----- ERROR
> Starting squid Cache...
and in /var/messages
 	Squid Parent: child process 879 exited with status 1
> 	Squid Parent: child process 32233 started
2.c) Squid Error (part 2)
     (Solution: 1.d)
squid access.log
----------------
TCP_DENIED/403 1030 GET http://www.yahoo.com - NONE/- -
NONE/400 1409 GET error:nat-open-failed - NONE/- -
squid cache.log
---------------
clientAccessCheck: proxy request denied in accel_only mode
parseHTttpRequest:NAT open failed: (13) Permission denied
clientReadRequest: FD 10 Invalid Request

Received on Fri Jun 01 2001 - 01:15:32 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:27 MST