Package: squid Version: 2.6.1-3 Severity: important
Squid transparent proxying does not work after upgrading to version 2.6.1-3 Requests that used to go through under 2.5 are failed with a 503 error, and the log message: === LOG === Jul 28 02:45:25 BYTEBUCKET squid[6084]: Failed to select source for 'http://www.kernel.org/' Jul 28 02:45:25 BYTEBUCKET squid[6084]: always_direct = 0 Jul 28 02:45:25 BYTEBUCKET squid[6084]: never_direct = 0 Jul 28 02:45:25 BYTEBUCKET squid[6084]: timedout = 0 === END LOG === My config file is the default shipped in /usr/share/doc/squid/examples/squid.conf with the following changes: === DIFF === --- /usr/share/doc/squid/examples/squid.conf 2006-07-15 06:48:42.000000000 +1000 +++ /etc/squid/squid.conf 2006-07-28 02:37:13.000000000 +1000 @@ -70,7 +70,7 @@ # visible on the internal address. # # Squid normally listens to port 3128 -http_port 3128 +http_port 8888 transparent # TAG: https_port # Note: This option is only available if Squid is rebuilt with the @@ -2378,6 +2378,8 @@ acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 +acl localdomain1 src 192.168.1.0/24 +acl localdomain2 src 192.168.2.0/24 acl SSL_ports port 443 563 # https, snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http @@ -2524,6 +2526,8 @@ # be allowed #acl our_networks src 192.168.1.0/24 192.168.2.0/24 #http_access allow our_networks +http_access allow localdomain1 +http_access allow localdomain2 http_access allow localhost # And finally deny all other access to this proxy @@ -2831,7 +2835,7 @@ # names with this setting. # #Default: -# none +visible_hostname proxy.local # TAG: unique_hostname # If you want to have multiple machines with the same === END DIFF === This has also been reported on the squid mailing lists: http://www.mail-archive.com/[email protected]/msg39198.html According to Henrik Nordstrom: http://www.mail-archive.com/[email protected]/msg39195.html there is a patch available. Thanks, Julian Calaby -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16 Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1) Versions of packages squid depends on: ii adduser 3.87 Add and remove users and groups ii coreutils 5.96-5 The GNU core utilities ii debconf [debconf-2.0] 1.5.2 Debian configuration management sy ii libc6 2.3.6-15 GNU C Library: Shared libraries ii libdb4.3 4.3.29-5 Berkeley v4.3 Database Libraries [ ii libldap2 2.1.30-13+b1 OpenLDAP libraries ii libpam0g 0.79-3.1 Pluggable Authentication Modules l ii logrotate 3.7.1-3 Log rotation utility ii lsb-base 3.1-10 Linux Standard Base 3.1 init scrip ii netbase 4.25 Basic TCP/IP networking system ii squid-common 2.6.1-3 Internet Object Cache (WWW proxy c squid recommends no packages. -- debconf information: squid/fix_cachedir_perms: false squid/largefiles_warning: squid/anonymize_headers: * squid-cgi/cachemgr: squid/old_version: false squid/http_anonymizer: squid/authenticate_program: squid/fix_lines: true -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
