Re: [squid-users] transparent proxy help

From: Abu Khaled <khaled.abu@dont-contact.us>
Date: Wed, 1 Jun 2005 17:18:03 +0300

On 6/1/05, Henrik Nordstrom <hno@squid-cache.org> wrote:
> On Wed, 1 Jun 2005, Henry wrote:
>
> > While trying to process the request:
> >
> > GET / HTTP/1.1
> > Accept: */*
> > Accept-Language: en
> > Accept-Encoding: gzip, deflate
> > User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/412
> > (KHTML, like Gecko) Safari/412
> > Connection: keep-alive
> > Host: www.mac.com
>
> Your squid.conf is not configured properly for interception. See FAQ.
>
> Regards
> Henrik
>

I tried to test this on my second server but the guys in my network
already have plans for it.

I wanted to test OpenBSD with pf (route-to) on the Gateway and FreeBSD
with pf (rdr) on squid server.

*** On Squidserver
<pf.conf>
rdr on $int_if inet proto tcp from any to any port www -> 127.0.0.1 port 3128
pass in on $int_if inet proto tcp from any to 127.0.0.1 port 3128 keep state
pass out on $ext_if inet proto tcp from any to any port www keep state
<pf.conf>

<squid.conf>
http_port 127.0.0.1:3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
<squid.conf>

# chgrp _squid /dev/pf
# chmod g+rw /dev/pf

*** On Gateway
<pf.conf>
int_if = "internal interface"
squid_if = "interface with route/direct connection to squid"
squid_ip = "ip of Squidserver"
my_lan = "client IPs"

pass in on $int_if route-to ($squid_if $squid_ip) proto tcp from $my_lan to any port www keep state
<pf.conf>

I can get a test server to check this but not before the weekend.
There is so much I want to test.
Do we need to route www from FreeBSD/Squid back to OpenBSD?
Does the Squidserver need two ethernet interfaces or an alias and to
act as a router?
And I was hoping to test squid with tcp_outgoing_address and nat rules.

Good luck Henry and wish me luck.

-- 
Kind regards
Abu Khaled
Received on Wed Jun 01 2005 - 08:18:05 MDT
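
Added example, not part of the original message: a shell check that the pf rdr target on the Squidserver matches squid's http_port and that the four httpd_accel_* lines given in the message are present. The function name check_intercept and the temporary files are assumptions made for illustration; the sample input is constructed from the fragments above.

```shell
#!/bin/sh
# Added example. check_intercept is a hypothetical helper name, not a pf or Squid tool.
# It checks that the pf rdr target matches squid's http_port and that the four
# httpd_accel_* lines from the message are present with the values shown there.
check_intercept() {
    pf_conf=$1; squid_conf=$2; problems=0
    # "rdr ... -> 127.0.0.1 port 3128" becomes "127.0.0.1:3128"
    rdr=$(sed -n 's/^rdr .*-> *\([0-9.]*\) port \([0-9]*\).*/\1:\2/p' "$pf_conf" | head -n 1)
    # first http_port value: "127.0.0.1:3128" or a bare "3128"
    listen=$(awk '$1 == "http_port" { print $2; exit }' "$squid_conf")
    if [ -z "$rdr" ] || [ -z "$listen" ]; then
        echo "need an rdr rule with a literal target and an http_port line"
        problems=$((problems + 1))
    else
        case $listen in
            *:*) expect=$listen ;;                  # squid bound to one address
            *)   expect="${rdr%%:*}:$listen" ;;     # bare port: any local address
        esac
        if [ "$rdr" != "$expect" ]; then
            echo "rdr sends to $rdr but squid listens on $listen"
            problems=$((problems + 1))
        fi
    fi
    for pair in "httpd_accel_host virtual" "httpd_accel_port 80" \
                "httpd_accel_with_proxy on" "httpd_accel_uses_host_header on"; do
        set -- $pair
        if ! awk -v k="$1" -v v="$2" '$1 == k && $2 == v { f = 1 } END { exit !f }' "$squid_conf"; then
            echo "missing in squid.conf: $pair"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}

# Constructed sample input: the two Squidserver fragments from the message.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
cat > "$demo/pf.conf" <<'EOF'
rdr on $int_if inet proto tcp from any to any port www -> 127.0.0.1 port 3128
EOF
cat > "$demo/squid.conf" <<'EOF'
http_port 127.0.0.1:3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
EOF
if check_intercept "$demo/pf.conf" "$demo/squid.conf"; then echo "consistent"; fi
```

The function returns the number of problems found, so a zero exit status means the two files agree.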

This archive was generated by hypermail pre-2.1.9 : Fri Jul 01 2005 - 12:00:02 MDT