Re: [FreeBSD] Squid

[Murat Ustuntas]

Merhaba, O zaman yapmaniz gereken, squid.conf dosyasi icerisinde cache_effective_user ve cache_effective_group olarak belirttiginiz user ve group tanimini ( diyelim ki squid ) , /dev/pf aygitina tam erisim ile hak vermeniz gerekmektedir. Yani; chown squid:squid /dev/pf Bu, hatanin tam tanimini Daniel Hertmeier asagidaki eposta icerisinde de aciklamistir. Iyi calismalar ================== As long as the client sends a Host: header, squid will use it, and it works. Without the Host: header, squid needs the original destination address/port. There's ipf specific code that does a lookup. For pf, the following diff adds this functionality. Add these lines to your squid.conf file: http_port 8080 httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on Tested on macppc-current, I have rdr on $int_if from any to !$int_if port www -> $int_if port 8080 and from a local workstation I can run telnet www.openbsd.org www GET / HTTP/1.0 and squid fetches the page from the external server. Note that squid must be able to open /dev/pf read-writable, hence you need to adjust cache_effective_user/_group and chmod /dev/pf accordingly, if you don't run squid as root. If someone wants to add this to the squid port, or better yet, ask the author to include it in the original distfile, please do so. Daniel ================ Ömer Koyun wrote: merhaba     hatayı transparent proxy kullanımda alıyorum ve pf ile yapıyorum Murat Ustuntas <[EMAIL PROTECTED]> wrote: Merhaba, Oncelikle sormam gereken asagidaki hatayi transparent proxy kullanim sekli ile mi aliyorsunuz? Ayrica, transparent proxy entekrasyonunu pf ile mi yapiyorsunuz? Eger yukaridaki sartlar altinda bu hata aliniyorsa, ona gore bir cozum belirmek gerekecek. Ömer Koyun wrote: merhaba arkadaşlar   squid-2.5.STABLE10 ' u kurduktan sonra herhangi bir client 'ta explorer ı açtığım zaman aşağıdaki hatayı alıyorum .  Bunun nededni ne olabilir.   ERROR The requested URL could not be retrieved While trying to process the request: GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */* Accept-Language: tr Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Host: www.yahoo.com Connection: Keep-Alive The following error was encountered: Invalid Request Some aspect of the HTTP Request is invalid. Possible problems: Missing or unknown request method Missing URL Missing HTTP Identifier (HTTP/1.0) Request is too large Content-Length missing for POST or PUT requests Illegal character in hostname; underscores are not allowed Your cache administrator is webmaster. Generated Mon, 30 May 2005 14:14:32 GMT by __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- Murat Ustuntas UNIX/Linux Sistem Koordinatoru MarketWeb Fidan Iletisim Hizmetleri A.S. +-----------------------------------------------------------------------------------------------------------+ pub 1024D/23CE4D2E 2004-10-26 Murat Ustuntas (UNIX/Linux Sistem Koordinatoru) <[EMAIL PROTECTED]> sub 1024g/2CAC8D6D 2004-10-26 +-----------------------------------------------------------------------------------------------------------+ www.keyserver.net adresini kullanarak PGP sorgusu yapabilirsiniz. --------------------------------------------------------------------- Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php Do You Yahoo!? Yahoo! Small Business - Try our new Resources site! -- Murat Ustuntas UNIX/Linux Sistem Koordinatoru MarketWeb Fidan Iletisim Hizmetleri A.S. +-----------------------------------------------------------------------------------------------------------+ pub 1024D/23CE4D2E 2004-10-26 Murat Ustuntas (UNIX/Linux Sistem Koordinatoru) <[EMAIL PROTECTED]> sub 1024g/2CAC8D6D 2004-10-26 +-----------------------------------------------------------------------------------------------------------+ www.keyserver.net adresini kullanarak PGP sorgusu yapabilirsiniz. --------------------------------------------------------------------- Cikmak icin, e-mail: [EMAIL PROTECTED] Liste arsivi: http://lists.enderunix.org Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/freebsd.php