On Dec 31, 2011, at 4:00 PM, jeffrey j donovan wrote:
> greetings, Im stuck and im not sure what part I should re-do.
>
> I have an xserve running 10.6.8
>
> I have clients routing through the system just fine with ipfw. they can access the internet via a NAT on the otherside of the squid.
>
> compiled squid 3.1.18
> Squid Cache: Version 3.1.18
> configure options: '--enable-icmp' '--enable-delay-pools' '--disable-htcp' '--enable-ipfw-transparent' '--enable-snmp' '--enable-underscores' '--enable-basic-auth-helpers=NCSA,LDAP' --with-squid=/usr/local/squid-3.1.18 --enable-ltdl-convenience
>
> squid starts
>
>
> squid3:sbin root# ./squid -d1X
> squid3:sbin root# 2011/12/31 15:44:18| Starting Squid Cache version 3.1.18 for i686-apple-darwin10.8.0...
> snip
> I can see the packets being fwd' to squid
>
> 00500 5 240 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1
> 00500 111 6448 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1
> 00500 117 6832 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1
> 00500 122 7088 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1
>
>
> nothing shows up in my access.log, squid never gets the hit.
>
> So,.. I think it's compiled correctly, but im not sure if I should re-compile this version or try another. Or maybe try with other options.
> Anyone know any fancy lsof or greps i can use to find out whats happening ?
>
> any suggestions ? - this same setup worked under 3.1.11 with osx 10.5
>
> -j
okay I got squid to take a hit.
The system is not operating in intercept mode. I just connected to it with my client. I had to specify the proxy settings in the system or browser. it appears it is not working in intercept mode.
here is my relevant squid.conf
http_port 10.10.60.55:3128 intercept
result when squid starts;
2011/12/31 15:44:18| Accepting intercepted HTTP connections at 10.10.60.55:3128, FD 13.
here is a question. -- Whats the best version of squid, If I only want the intercept and redirect feature. 2.7 or 3.1.x?
on my traditional cache proxy systems, 3.1.+ is the way to go, but intercept does not require (in my case) cache and authentication. Is 3.1.18 where I should stay is what im asking.
-j
Received on Sat Dec 31 2011 - 22:21:36 MST
This archive was generated by hypermail 2.2.0 : Sun Jan 01 2012 - 12:00:03 MST