Destination ::1 with Squid 3 (package 0.2.9) [SOLVED]



  • Hello, guys. Need your help.

    Got: pfSense 2.2.4-RELEASE (amd64), Squid 3 configured as non-transparent Proxy.
    I use basic wpad.dat as it was suggested in docs.

    OK: I can surf via any browser without problems, laptop with Win7 works fine, iPhone Safari or Chrom is fine too. I can use different apps and they work fine (Instagram, Weather app and so on)

    PROBLEM: I can not view video via Facebook app. It loads other contect without any problems - text, photos, video preview pics, but no video at all. If you open same video with Safari - it plays.

    Here what I see in logs when trying to view video with Facebook App (see attachment)

    EDIT:
    If I use transparent mode, everything works like a charm, but I don`t want to use that config because of HTTPs certificates, which I need to install on huge amount of various mobile devices.




  • If I use transparent mode, everything works like a charm

    Sounds like the app is getting blocked by the port 80/443 rule (that is if you have a firewall rule that blocks port 80 and 443).



  • @aGeekHere:

    Sounds like the app is getting blocked by the port 80/443 rule (that is if you have a firewall rule that blocks port 80 and 443).

    Yep, I got that rules, but firewall log is empty, there are no hits when I am trying to open video. And the proxy log is not empty - I am getting that strange record about ::1 destination.



  • I am getting that strange record about ::1 destination.

    That is the IPv6 equivalent of localhost, I believe.

    but firewall log is empty

    You're definitely checking the LAN logs at the time it's being blocked?



  • @KOM:

    You're definitely checking the LAN logs at the time it's being blocked?

    I am totally sure about that. Also I just tested how it will work if I will disable packet filtering at all. Nothing changed.

    For some reason instead of proxying it just requesting something from localhost. I am not sure that is being blocked, I guess it somehow makes wrong translation of request, or APP makes wrong request.



  • does it work if you go direct? (not through squid)



  • @aGeekHere:

    does it work if you go direct? (not through squid)

    It seems that I have some wpad misconfiguration - if I set manually proxy server for Wi-Fi connection of my iPhone, everythings works fine. Problem is only with auto proxy configuration using 252 DHCP option.



  • To assume my efforts:

    Video in Facebook App works fine:

    • direct accessed with no proxy in wi-fi connection settings
    • proxy accessed with manually set proxy in wi-fi connection settings

    Video in Facebook Apps could not be opened:

    • proxy accessed with auto set proxy in wi-fi connection settings. I tried both DHCP 252 option and DNS wpad alias. Both cases Facebook app goes via proxy to download content (even if direct acces is possible, not blocked by firewall rule), but video request looks like:

    1441183051.660  59785 192.168.186.252 TCP_MISS/503 4502 GET http://localhost:29223/1186847584663301/EA10C839-1265-4817-A253-EA79B8CF9AF6/0/1560691400859461? - HIER_DIRECT/::1 text/html
    1441183074.106  59135 192.168.186.252 TCP_MISS/503 4422 GET http://localhost:29223/851870994868141/812909C0-61C4-4EA7-B4A2-C81A1D0BF973/0/430902683753710? - HIER_DIRECT/::1 text/html
    1441183129.788  60417 192.168.186.252 TCP_MISS/503 4425 GET http://localhost:29223/1243746888968803/8B91323C-8C89-4819-8B9A-4A6D7712CC50/0/477532955731545? - HIER_DIRECT/::1 text/html
    1441183243.517  60468 192.168.186.252 TCP_MISS/503 4425 GET http://localhost:29223/1243746888968803/8B91323C-8C89-4819-8B9A-4A6D7712CC50/0/477532955731545? - HIER_DIRECT/::1 text/html
    1441183257.018  59090 192.168.186.252 TCP_MISS/503 4488 GET http://localhost:29223/1468073563516070/6C57AEF6-D4DB-4FD1-A550-559B44AE6255/0/1468075303515896? - HIER_DIRECT/::1 text/html



  • It could be that the app does not support auto set proxy even though there is an option there for it (found a few programs that did this).

    Also maybe it cannot find the wpad file (like firefox) in system internet options (if using windows) connections, lan settings tic and use the use automatic configuration script and enter your script there.



  • Solved.

    After Facebook APP update it works now.  >:(

    "Something's not working with the Facebook for iOS app.

    If something's not working with the Facebook app for iPhone or iPad, first make sure you have the most up-to-date version of the app. To do this, go to the App Store on your iPhone or iPad and update the app. If there's a newer version of the Facebook app you don't have yet, it'll be listed there for you to download.

    If this doesn't solve your issue, try reporting your problem to us."

    https://www.facebook.com/help/168738436521284