Transparent squid on 2.0 Release

ncolunga

Hi,

I've found a problem on 2.0 release with squid, transparent proxy isn't workin because squid is receiving empty http requests.

in access.log they appear as: TCP_DENIED/400 2318 GET NONE:// - NONE/- text/html

I found it doing and upgrade from rc3 to release but i have tried with a release install instead of the upgrade and the problem persists.

It's not a common configuration, squid is running on a bridge interface which is the default route of the network. This configuration works properly at least on RC1 and RC3.

Is anyone succesfully using transparent squid on 2.0 release?

Thanks and best regards.

Gloom

Yes I've got squid 2.7 running in transparent mode talking to an upstream proxy also running squid and squidguard on 2 release AMD64 build.
Does exactly what it says on the tin and there are no issues.

Not much help to you really but at least you now know it should work.

ncolunga

Ok, I've found that the problem only appears with squid listening on more than one interface. Transparent squid on only one interface works properly but on more than one interface brings the GET NONE error.

Weird, i have been using squid on three interfaces since RC1 without problems.

Nachtfalke

Hi,

I am using squid 2.7.x on amd64. I have got a physical interface with 7 VLANs assigned to it. On every VLAN I have listenling squid in transparent mode. I do not have logging enabled so I cannot tell you what is in my access.log but I know squid is caching because did some tests with downloading windows updates and they came from squid and not rom WAN.

My pfsense machine isn't doing NAT, just routing and firewall.

ncolunga

I'm using Squid 2.7.9_4.2 , i have checked the issue on a Fujitsu with a realtek lan card and on a HP with a IBM card. I'm seting squid to listen on transparent bridge interfaces. ¿Are you using bridge interfaces too? Perhaps the problem is only there.

Nachtfalke

@ncolunga:

I'm using Squid 2.7.9_4.2 , i have checked the issue on a Fujitsu with a realtek lan card and on a HP with a IBM card. I'm seting squid to listen on transparent bridge interfaces. ¿Are you using bridge interfaces too? Perhaps the problem is only there.

Hi,

as I wrote above my pfsense is routing and not bridging. Perhaps you are right with the "bridge" problem.

superwutze

– edit --

sorry, that disables the transparent proxy on both physical interfaces that are connected to the bridge. now i only selected the bridge-interface and it works, but i had to deselect loopback because when that also was enabled i got the mentioned error. so it seems to me the error occurs indeed when two or more interfaces are selected.

-- edit end --

same problem here. i resolved it by deselecting the bridgeinterface in the squid configuration and just selecting the physical interfaces. hope that helps.

greetings,
andy

ncolunga

Thanks for the info super.