-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Amos,
important not to break Solaris-IPFilter for me ;)
WBR, Yuri
23.01.2015 22:17, Amos Jeffries пишет:
On 24/01/2015 4:57 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 18:29, Odhiambo Washington wrote:
To simplify:
Suppose I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 2:20 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 16:07, Amos Jeffries squ...@treenet.co.nz
wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
On 24/01/2015 1:47 a.m., Yuri Voinov wrote:
Once more. You CANNOT have
On 23 January 2015 at 16:29, Amos Jeffries squ...@treenet.co.nz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 2:13 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 15:47, Yuri Voinov yvoi...@gmail.com
wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
On 23 January 2015 at 16:40, Amos Jeffries squ...@treenet.co.nz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 2:20 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 16:07, Amos Jeffries squ...@treenet.co.nz
wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
So for the past few days I have been struggling with Squid in intercept
mode on FreeBSD-10.1.
Using the same squid.conf for Squid-3.4.10 and Squid-3.5.1 and the same
Firewall rules (I have tested with IPFilter and PF and these rules work
with Squid-2.7.9 on several FreeBSD boxes that I have):
1.
On 23 January 2015 at 15:13, Yuri Voinov yvoi...@gmail.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Did you have any service can listen port 80 on your host? I.e. web-server?
Yes. There is a webserver on the same host, listening on both 80 and 443.
--
Best regards,
On 23 January 2015 at 14:57, Yuri Voinov yvoi...@gmail.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
redirection loop can only occurs when reqwiter or NAT misconfigured.
On early Squid versions to avoid loops was used:
# Rewriter cycle workaround
url_rewrite_access deny
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Did you have any service can listen port 80 on your host? I.e. web-server?
23.01.2015 18:10, Odhiambo Washington ?:
On 23 January 2015 at 14:57, Yuri Voinov yvoi...@gmail.com
mailto:yvoi...@gmail.com wrote:
-BEGIN PGP SIGNED
On 23 January 2015 at 15:47, Yuri Voinov yvoi...@gmail.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Once more. You CANNOT have neither web-server nor other service with
listening port 80 on the same host as transparent Squid proxy. This is one
and only reason you have looping.
On 23 January 2015 at 16:07, Amos Jeffries squ...@treenet.co.nz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 1:47 a.m., Yuri Voinov wrote:
Once more. You CANNOT have neither web-server nor other service
with listening port 80 on the same host as transparent Squid
On 01/23/15 14:13, Odhiambo Washington wrote:
On 23 January 2015 at 15:47, Yuri Voinov yvoi...@gmail.com
mailto:yvoi...@gmail.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Once more. You CANNOT have neither web-server nor other service with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This looks like not optimal solution, Henrik.
A long time ago, when I meet similar issue, I've draw request way on my
proxy host and find cycling configuration.
It was chain NAT-proxy-redirector-NAT-proxy
To break it I completely differentiate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 2:13 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 15:47, Yuri Voinov yvoi...@gmail.com
wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
Once more. You CANNOT have neither web-server nor other service
with
On 23 January 2015 at 16:53, Amos Jeffries squ...@treenet.co.nz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 2:47 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 16:40, Amos Jeffries squ...@treenet.co.nz
wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 3:11 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 16:53, Amos Jeffries squ...@treenet.co.nz
wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
On 24/01/2015 2:47 a.m., Odhiambo Washington wrote:
On 23 January 2015 at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 4:29 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 17:33, Amos Jeffries squ...@treenet.co.nz
wrote:
snip
And the good news is that squid-3.5.1 is now allowing client PCs to
browse. Thank you for that.
Horray!
I still
On 23 January 2015 at 18:42, Amos Jeffries squ...@treenet.co.nz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 4:29 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 17:33, Amos Jeffries squ...@treenet.co.nz
wrote:
snip
And the good news is that squid-3.5.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yep, they are mutually exclusive.
23.01.2015 21:29, Odhiambo Washington пишет:
On 23 January 2015 at 17:33, Amos Jeffries squ...@treenet.co.nz
mailto:squ...@treenet.co.nz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 4:56 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 18:42, Amos Jeffries squ...@treenet.co.nz
wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
On 24/01/2015 4:29 a.m., Odhiambo Washington wrote:
On 23 January 2015 at
On 23 January 2015 at 17:33, Amos Jeffries squ...@treenet.co.nz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 3:11 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 16:53, Amos Jeffries squ...@treenet.co.nz
wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1
On 23 January 2015 at 18:29, Odhiambo Washington odhia...@gmail.com wrote:
On 23 January 2015 at 17:33, Amos Jeffries squ...@treenet.co.nz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 3:11 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 16:53, Amos Jeffries
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Once more. You CANNOT have neither web-server nor other service with
listening port 80 on the same host as transparent Squid proxy. This is
one and only reason you have looping.
Look. On my transparent 3.4.11 (which was early 2.7) IPFilter
On 23 January 2015 at 15:17, Yuri Voinov yvoi...@gmail.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Here is it.
There is your loop reason.
root@mail:/usr/src # svn
Type 'svn help' for usage.
root@mail:/usr/src # sockstat -l | grep 80
www httpd 55941 3 tcp6 *:80
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 1:47 a.m., Yuri Voinov wrote:
Once more. You CANNOT have neither web-server nor other service
with listening port 80 on the same host as transparent Squid proxy.
This is one and only reason you have looping.
That is not correct.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 24/01/2015 4:57 a.m., Odhiambo Washington wrote:
On 23 January 2015 at 18:29, Odhiambo Washington wrote:
To simplify:
Suppose I wanted to use IPFilter as the Firewall with IPNat, what
are my options?
Option 1)
wait for me to fix the
25 matches
Mail list logo
