Squid 'blocking' one website
Hello.. sorry about the odd subject header, I am unsure how to better describe my problem in a few words… so here goes
I'm using 1.2-BETA-2, and I have Squid installed as a transparent proxy on my LAN. All seemed to be working fine until my users told me this morning there's this website that would not load fully.
When testing it out, it does seem only the first few KB of data from the site are let in.. then the browser just keeps waiting for the rest of the HTML page until it times-out (it's a single page.. no frames or iFrames or anything of that kind).
However if i disable transparent proxy on Squid, the same page can load without problems at all. I added the domain as a 'do not cache' domain in Squid but that didn't help. The full HTML file for that page is 29KB, but when the proxy is enabled only ~16K go through. (on other domains I have no problem loading 'big' 120KB HTML files with Squid enabled)
Anyone has any clue what is happening?
I already noticed about block access to IP 127.0.0.1 from pfsense system with transparent mode squid/ May be this is a problem?
This sounds like a very similar problem to the transparent proxy option before the squid package was fixed (i.e. in pfSense 1.0.1) :( IIRC this is what happens in the IPCop implementation of a transparent proxy as well.
Hopefully somebody can take care of this without too much trouble.
It would be helpful to know what site it is. All told, this is probably a question for the squid mailing list, not pfSense.
can it be that that website is trying to download a image or things like that from a difrend webserver that is running on a non default port like 8000 or 8080
like this website:
Oh somehow forgot to tell which website.. http://www.ocbc.com/velocity/sg/
Possibly it's an error in my configuration, but I really can't figure out why only this site is having this issue…
I should point out that this is the slowest site I've seen in a long time. It could very well be that the site is failing to load fully before squid's timeout is hit and so you're just getting what it has before the timeouts hit. The fact that your problem is limited to one very slow site is pretty telling.