So, I added those and restarted...still get the "your computer may be
sending automated queries" error form google.
I then set x forwarded for to off, no change.
Then commented out via, no change.
Current conf:
auth_param basic realm AAA proxy server
auth_param basic credentialsttl 2 hours
auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/squid_passwd
authenticate_cache_garbage_interval 1 hour
authenticate_ip_ttl 2 hours
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 1863 # MSN messenger
acl ncsa_users proxy_auth REQUIRED
acl CONNECT method CONNECT
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access allow localhost
http_access allow ncsa_users
http_access deny all
icp_access allow all
http_port 8080
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
buffered_logs on
half_closed_clients off
visible_hostname AAAProxyServer
log_icp_queries off
dns_nameservers 208.67.222.222 208.67.220.220
hosts_file /etc/hosts
memory_pools off
client_db off
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 400000/400000
forwarded_for on
via on
cache_mem 256 MB
Quoting Amos Jeffries <squid3_at_treenet.co.nz>:
> On 8/06/2014 5:06 a.m., Lawrence Pingree wrote:
>> I use the following but you need to make sure you have no looping
>> occurring in your nat rules if you are using Transparent mode.
>>
>> forwarded_for delete
>> via off
>
> Given that the notice is above traffic volume arriving at Google (not
> looping) you probably actually need "via on" to both protect against
> looping and tell google there is a proxy so they should use different
> metrics.
>
> You could also cache to reduce the upstream connection load. Squid does
> in-memory caching well enough for up to MB sized objects if you give it
> some cache_mem and remove that "cache deny all" (cache_dir is optional
> and disabled by default in squid-3).
>
> Amos
>
>
----- End forwarded message -----
Received on Thu Jun 26 2014 - 23:41:07 MDT
This archive was generated by hypermail 2.2.0 : Fri Jun 27 2014 - 12:00:05 MDT