SQUID BIG PROBLEM



  • hello experts,

    i have squid 1.2.3-release with havp + squid

    my structur:

    (lan) intranet –- havp ---- squid ---- internet (wan)

    havp = transparent proxy 192.168.1.10:8080
    squid = parent proxy 127.0.0.1:3128

    its the only way to access ftp sites in my opinion, because havp dont understand ftp protokoll :(
    therefore is my cache first and then havp!

    BUT ...the big problem is:

    when i restart the pfsense machine
    my squid parent proxy config is resetted :( :( :(

    in the gui of squid are only eth0 eth1 eth2
    BUT NOT "lo" (127.0.0.1)

    WHAT IS THE BEST WAY TO FIX IT?????

    a) a script in autostart with copy my backup config to the original and makes in terminal a "squid -k reconfigure"
    b) any ideas????

    or can pfsense team fix it for all?

    THANKS A LOT



  • no one have the same problem?

    where i have to post, that the squid team fix this problem…

    i mean everyone needs a localhost interface in squid or not? ;)



  • squid = parent proxy 127.0.0.1:3128

    Why squid must have parent?
    As you scheme squid is a parent for havp. You must define havp's 'parent proxy' option to squid IP:PORT.



  • havp is set to transparent proxy with parent proxy to squid

    squid is to set to normal proxy (parent proxy for havp)

    AND then you can access ftp protokoll with havp over squid

    understand?

    therefore you need a lo interface in squid gui configuration ;)
    127.0.0.1:1234 -> lo:1234



  • Why?  Can't you just use the interface IP?



  • Also squid custom options exists..



  • @ havok

    Why?  Can't you just use the interface IP?
    

    how? in pfsense 1.2.3-release it doesent exist an "gui" ethernet interface with name: loopback
    this i need for my configuration!

    and so i have to manipulate the configs on system without pfsense gui! :(

    @dvserg

    Also squid custom options exists..

    custom options are good right, but it helped me not out ;)
    the configfile ofs squid are after reboot resetted and so i have to manipulate it :( tausend times^^

    A loopback interface to add would be perfect!



  • But why must you use loopback - what's wrong with using one of the physical interfaces (and firewalling it off)?

    As for custom options, if you specify them through the GUI they'll remain.  If you hand edit the configuration files (that are re-written on reboot) then you can expect to lose your edits.



  • yes i know :D

    thats the problem with reboot ;)

    my proxyconfig is so because i want antivirus function and squid. BUT antivirus (havp) dont understand ftp protocol and so i have to configure squid as normal proxy and havp with parent proxy to squid ip!!!  it gives no other way for alternative - only wihtout ftp support!

    therefore i need a loopback interface for squid!


Log in to reply