> > As you can see, wget sends different HTTP requests with and without
> > http_proxy environment variable. Seems like squid dislike this
> > request: GET /
> > User-Agent: Wget/1.7
> > Host: www.ilyichevsk.net
> > Accept: */*
> > Connection: Keep-Alive
> >
> > Why???!!
> >
> > P.S. I verified that with telnet too.
>
> BTW, I seem to never hit this code (debug_options ALL,1 22,3 33,5
> but grep of 'parseHttpRequest: addr =' yields nothing in logs):
>
> src/client_side.c
> ...
> #if LINUX_NETFILTER
> /* If the call fails the address structure will be
> unchanged */ getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me,
> &sock_sz); debug(33, 5) ("parseHttpRequest: addr = %s",
> inet_ntoa(conn->me.sin_addr)); if (vport_mode)
> vport = (int) ntohs(http->conn->me.sin_port);
> #endif
Let's take a closer look: this is the only place where I see
Linux transparent proxy handling:
src/client_side.c
=================
static clientHttpRequest *
parseHttpRequest(ConnStateData * conn, method_t * method_p, int *status,
char **prefix_p, size_t * req_line_sz_p) {
...
debug(33, 5) ("parseHttpRequest: Request Header is\n%s\n", (*prefix_p) + *req_line_sz_p);
#if THIS_VIOLATES_HTTP_SPECS_ON_URL_TRANSFORMATION
if ((t = strchr(url, '#'))) /* remove HTML anchors */
*t = '\0';
#endif
/* handle internal objects */
if (internalCheck(url)) {
/* prepend our name & port */
http->uri = xstrdup(internalLocalUri(NULL, url));
http->flags.internal = 1;
http->flags.accel = 1;
}
/* see if we running in Config2.Accel.on, if so got to convert it to URL */
else if (Config2.Accel.on && *url == '/') {
/* prepend the accel prefix */
if (opt_accel_uses_host && (t = mime_get_header(req_hdr, "Host"))) {
...
} else if (vhost_mode) {
int vport;
/* Put the local socket IP address as the hostname */
url_sz = strlen(url) + 32 + Config.appendDomainLen;
http->uri = xcalloc(url_sz, 1);
if (vport_mode)
vport = (int) ntohs(http->conn->me.sin_port);
else
vport = (int) Config.Accel.port;
#if IPF_TRANSPARENT
...
#elif PF_TRANSPARENT
...
#else
#if LINUX_NETFILTER
/* If the call fails the address structure will be unchanged */
getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz);
debug(33, 5) ("parseHttpRequest: addr = %s", inet_ntoa(conn->me.sin_addr));
if (vport_mode)
vport = (int) ntohs(http->conn->me.sin_port);
#endif
snprintf(http->uri, url_sz, "http://%s:%d%s",
inet_ntoa(http->conn->me.sin_addr),
vport, url);
#endif
...
So, to hit this code I have to have:
(Config2.Accel.on && *url == '/')
and not (opt_accel_uses_host && (t = mime_get_header(req_hdr, "Host"))
and (vhost_mode)
How to translate this into squid.conf options? After *much*
squid.conf.default reading and keeping above in mind, I came to this:
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
which finally works.
Did I miss a nice FAQ? If not, I have to write it up...
Now I need to sleep... even five cups of coffee didn't help... ;)
P.S. It was totally unobvious that
IPF_TRANSPARENT takes precedence over PF_TRANSPARENT over LINUX_NETFILTER.
I compiled in all three options first, that will never work on Linux I suppose?
I didn't try, recompiled with LINUX_NETFILTER only.
Another FAQ item to write...
-- vdaReceived on Wed Jan 29 2003 - 06:06:19 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:56 MST