2013-01-24 09:41, iain skrev:
FreeBSD 9.1 installation with Squid installed from ports and using
transparent mode results in "Access Denied" messages when trying to
browse regular HTTP.
Log files fill up with:
*** LOGFILE ***
1359013451.945 0 XXX.XXX.XXX.25 TCP_MISS/403 4272 GET
http://w
2013-01-14 16:05, Eliezer Croitoru skrev:
On 1/14/2013 1:48 PM, Leslie Jensen wrote:
I've now upgraded squid to 3.2 and rewritten the firewall rule that
resulted in a forwarding loop.
Unfortunately I've got no access now and I can't see where I've made the
error.
The b
I've now upgraded squid to 3.2 and rewritten the firewall rule that
resulted in a forwarding loop.
Unfortunately I've got no access now and I can't see where I've made the
error.
The browser says squid is rejecting the requests:
Access control configuration prevents your request from being
Eliezer Croitoru skrev 2012-11-23 09:13:
On 11/23/2012 10:00 AM, Leslie Jensen wrote:
I'm not really sure that I understand the meaning or effect of the
above. We do not have browsers configured with proxy. When I set this up
a few years back the whole idea was that the users shoul
Eliezer Croitoru skrev 2012-11-23 09:13:
The above settings cannot exist!
this is since you are using one port paired with IP for intercept.
squid must have one http_port XXX what ever if you will use it or not.
if you have one port used for either intercept or regular forward proxy
you c
Amos Jeffries skrev 2012-11-23 03:14:
+ 3.2 intercept port receiving forward-proxy requests will reject them
due to NAT failure/lies.
+ 3.2 Host header validation *will* reject if forward traffic is
validated as being intercepted.
** you need at minimum to add a http_port line without "int
enied" lines are what I need.
Regards,
Eliezer
On 11/22/2012 4:41 PM, Leslie Jensen wrote:
Eliezer Croitoru skrev 2012-11-22 15:19:
Next time just clean the file first to make it more readable:
use the command cat squid.conf|sed 's/^[ \t]*//'|sed 's/^#.*//'|sed
'/^
Eliezer Croitoru skrev 2012-11-22 15:19:
Next time just clean the file first to make it more readable:
use the command cat squid.conf|sed 's/^[ \t]*//'|sed 's/^#.*//'|sed '/^$/d'
##start
http_port 127.0.0.1:8080 intercept
http_port 172.18.0.1:8080 intercept
hierarchy_stoplist cgi-bin ? php asp
Amos Jeffries skrev 2012-11-22 13:24:
On 23/11/2012 12:28 a.m., Leslie Jensen wrote:
Pavel Bychykhin skrev 2012-11-22 12:15:
22.11.2012 12:14, Leslie Jensen пишет:
Hi list.
I just upgraded Squid from 3.1 to 3.2 on my Freebsd version 8.3
In my squid.conf I had the following lines that
Pavel Bychykhin skrev 2012-11-22 12:15:
22.11.2012 12:14, Leslie Jensen пишет:
Hi list.
I just upgraded Squid from 3.1 to 3.2 on my Freebsd version 8.3
In my squid.conf I had the following lines that I got complaints from
when starting squid after the upgrade
Hi list.
I just upgraded Squid from 3.1 to 3.2 on my Freebsd version 8.3
In my squid.conf I had the following lines that I got complaints from
when starting squid after the upgrade.
---
Define access control lists
#
On 2011-04-06 05:32, Amos Jeffries wrote:
Thank you. I've split the wiki examples we have for PF into separate
OpenBSD and FreeBSD pages and added a new section for the altered
OpenBSD syntax.
Would any of you mind reading through and checking the texts? please?
http://wiki.squid-cache.org/Co
On 2011-04-04 13:22, Amos Jeffries wrote:
On 04/04/11 20:18, Leslie Jensen wrote:
Hello List
I'm trying to get port 443 through Squid. I've added the port to the PF
redirection and as you can see below I have the port in squid.conf.
port 80 is the only port which can be interc
Hello List
I'm trying to get port 443 through Squid. I've added the port to the PF
redirection and as you can see below I have the port in squid.conf.
Unfortunately it looks as if I need to do more. I get the errors below:
1301904470.125 0 172.17.0.10 NONE/400 3619 NONE
error:invalid-
Hi List
I found out what was wrong. It was in /etc/pf.conf, the int_if specified
as bfe0 should be bge0
So it was a Typo!
Thank you very much for your time and effort. I'm a bit ashamed that I
did not spot the typo earlier.
Everything is now acting as expected :-)
/Leslie
On 2011-03-29 20:12, Goetz T. Fischer wrote:
Hi,
i have some more or less major problems with Squid and Firefox 4. i tried
current version of 2.7 and 3.1, also default configs and so on. anyhow ff4
doesn't seem to like squid no matter what i do. all other browsers are fine
including prior fir
On 2011-03-29 14:52, Kevin Wilcox wrote:
On Tue, Mar 29, 2011 at 07:47, Amos Jeffries wrote:
I have not had anyone report either "works" or "fails" for IPFW, IPFILTER
or PF on the 3.1.10 or later releases.
I believe the other modules work due to people using them successfully.
I can con
On 2011-03-29 13:47, Amos Jeffries wrote:
On 30/03/11 00:20, Indunil Jayasooriya wrote:
I've now installed Freebsd 8.2-RELEASE on new hardware and I'm using my
config from the 7.2 machine.
My problem is that squid is not working with transparency. The browser
traffic goes directly to the Inte
On 2011-03-29 13:20, Indunil Jayasooriya wrote:
I've now installed Freebsd 8.2-RELEASE on new hardware and I'm using my
config from the 7.2 machine.
My problem is that squid is not working with transparency. The browser
traffic goes directly to the Internet.
If u r doing with PF, Can I have
On 2011-03-29 12:26, Indunil Jayasooriya wrote:
On Tue, Mar 29, 2011 at 3:32 PM, Leslie Jensen wrote:
Hello list.
I've used squid together with pf for a while on a Freebsd 7.2-RELEASE
machine.
I've now installed Freebsd 8.2-RELEASE on new hardware and I'm using my
conf
Hello list.
I've used squid together with pf for a while on a Freebsd 7.2-RELEASE
machine.
I've now installed Freebsd 8.2-RELEASE on new hardware and I'm using my
config from the 7.2 machine.
My problem is that squid is not working with transparency. The browser
traffic goes directly to t
Sorry to disturb, mails to the list and to amos has been bouncing for me.
/Leslie
Amos Jeffries skrev:
Um, the config you showed simplifies down to:
allow localhost access anywhere.
deny anything else. Period.
I think you want:
#
# If we want to block certain sites.
#
# acl blockedsites dstdomain .aftonbladet.se.
acl blockedsites dstdomain .squid-cache.org
> HI All,
>
>
>
> I am trying to use squid 2.7 in FreeBSD machine. But there is no option
> available "--enable-ipfw-transparent" for configure the squid in
> transparent mode. How can we enable transparent mode when configuring
> squid?.
>
>
>
> Regards
>
> Vivek
>
>
Before you compile, do ma
2009/4/6 Leslie Jensen
Leslie Jensen wrote:
Hello
My Proxy, Squid-3.0.13 on FreeBSD 7.1-RELEASE-p4, is running fine but I
can't get the folowing to work.
# acl blocked_sites dstdomain .aftonbladet.se.
acl blocked_sites dstdomain "/usr/local/etc/squid/dstdomain&q
> Leslie Jensen wrote:
>> Hello
>>
>> My Proxy, Squid-3.0.13 on FreeBSD 7.1-RELEASE-p4, is running fine but I
can't get the folowing to work.
>>
>> # acl blocked_sites dstdomain .aftonbladet.se.
>>acl blocked_sites dstdomain "/usr/local
Hello
My Proxy, Squid-3.0.13 on FreeBSD 7.1-RELEASE-p4, is running fine but I
can't get the folowing to work.
# acl blocked_sites dstdomain .aftonbladet.se.
acl blocked_sites dstdomain "/usr/local/etc/squid/dstdomain"
deny_info ERR_ACCESS_DENIED blocked_sites
http
Amos Jeffries skrev:
Chris Robertson wrote:
Leslie Jensen wrote:
I'm running Squid-3.0.10 on FreeBSD 7.0-RELEASE-p4 with PF.
I've noticed that in cache.log are a lot of entries as the one below
clientNatLookup: PF open failed: (13) Permission denied
I've found some inf
Amos Jeffries skrev:
Chris Robertson wrote:
Leslie Jensen wrote:
I'm running Squid-3.0.10 on FreeBSD 7.0-RELEASE-p4 with PF.
I've noticed that in cache.log are a lot of entries as the one below
clientNatLookup: PF open failed: (13) Permission denied
I've found some inf
I'm running Squid-3.0.10 on FreeBSD 7.0-RELEASE-p4 with PF.
I've noticed that in cache.log are a lot of entries as the one below
clientNatLookup: PF open failed: (13) Permission denied
I've found some information on the problem via Google.
One is "start Squid as root". Squid is started via rc.
30 matches
Mail list logo
