> The error indicates Squid does not realize these connections have been > transparently intercepted. > > Make sure you have the correct --enable-- option for integrating Squid > with your OS firewall, and no related errors in cache.log. > > Regards > Henrik
Good point. I had missed that. However it still doesn't work.. I have followed all instructions on http://www.squid-cache.org/Doc/FAQ/FAQ-17.html . It actually works with Squid 2.5, but only when the hijacked packets are redirected to port 80. If I change http_port 80 to http_port 8090, and httpd_accel_port from 80 to 8090, and use this ipfw command: ipfw add 50 fwd 127.0.0.1 tcp from any to any 80 instead of ipfw add 50 fwd 127.0.0.1,8090 tcp from any to any 80 it stops working. The browser indicates that it has contact with the web server, but nothing happens. After some time this may appear in access.log: TCP_MISS/000 0 GET http://idg.se:8090/ - NONE/- - I suspect there's something wrong with the packet forwarding.. When running Squid-3 instead the problem is these log entries: NONE/400 1749 GET / - NONE/- text/html which of course generates "Invalid URL" in the browser. /Andreas