Netgate Discussion Forum

    Unable to get Squid transparent proxy to accept traffic on its own

      Rubicon

      Hello,

      I have two CARP router setups at two different office locations. Each CARP setup consists of 2 routers, each with a LAN, WAN and SYNC physical interface. Both locations are running 2.1.4 and have the following packages installed and on the latest update as of today: Squid, HAVP, Snort, pfBlocker. My issue on one router is with the Squid and HAVP packages. At one office in the USA, everything appears to run just fine and does what is expected. The Squid proxy is working in transparent mode and HAVP runs as the parent to Squid. I can test with EICAR and I receive a block page as expected, and the access.log for Squid shows traffic going through, therefore it's caching.

      However, with the same exact setup in another office (Netherlands) traffic refuses to go through the SQUID proxy then to HAVP.  Looking at access.log, nothing appears but the access and cache files in /var/squid/logs are created.

      I've tried navigating to http://routerIP:3128 and receive the following:

      ERROR
      The requested URL could not be retrieved

      While trying to process the request:

      GET / HTTP/1.1
      Host: 192.168.5.1:3128
      User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
      Accept-Language: en-US,en;q=0.5
      Accept-Encoding: gzip, deflate
      Cookie: PHPSESSID=cb73d401520ddaaace63de28022973ed; cookie_test=1409842330
      Connection: keep-alive

      The following error was encountered:

      Invalid Request

      Some aspect of the HTTP Request is invalid. Possible problems:

          Missing or unknown request method
          Missing URL
          Missing HTTP Identifier (HTTP/1.0)
          Request is too large
          Content-Length missing for POST or PUT requests
          Illegal character in hostname; underscores are not allowed

      If I set my web browser to use the proxy 192.168.5.1:3128, the proxy works and HAVP blocks the EICAR test file.

      I have Squid set up identically to the USA office, which is set to:

      Proxy Interface: LAN
      Allow Users: check
      Transparent Proxy: check

      I've tried adding my subnet to the ACL and that was not helping.

      When I navigate to http://RouterIP:3128 and get the above message, in the logs it shows:  TCP_DENIED/400 1881 GET NONE:// - NONE/- text/html

      I've also tried specifying Google DNS servers in case something was wrong there, but that didn't fix the issue either.

      Any ideas where to look or something to test would be appreciated.

      Thanks!
