[squid-dev] [Issue Report] Squid forward request to 0.0.0.0/8

[Yang, Chao]

Dear Squid Support Team,
Hope you are everything well.

I meet a strange issue and hope you could give some suggestions.

Background:
I am using squid as a proxy to register my SUSE EC2 Instance in AWS. I 
installed squid in Amazon Linux 2023 and just modify /etc/squid/squid.conf file 
"http_access deny all" to "http_access allow all".

After that , I set the enviroment in SUSE Instance(172.31.45.49 is Squid 
instance):
    env | grep proxy
    https_proxy=http://172.31.45.49:3128
    http_proxy=http://172.31.45.49:3128
    no_proxy=169.254.169.254

When I tried to register SUSE instance with command "registercloudguest 
--force-new", got the following error(/var/log/cloudregister):
===================================================================================================================
2025-06-05 05:23:34,418 ERROR:  Registration failed: Registering system to 
registration proxy https://smt-ec2.susecloud.net

Updating system details on https://smt-ec2.susecloud.net ...

Activating sle-module-web-scripting 15.5 x86_64 ...
-> Adding service to system ...
command '/usr/bin/zypper --non-interactive refs 
Web_and_Scripting_Module_x86_64' failed
Error: zypper returned 1 with 'Unexpected exception.
Unknown error reading from 
'plugin:/susecloud?credentials=Web_and_Scripting_Module_x86_64&path=/services/2494'
History:
- Not ready to read within timeout.

Please file a bug report about this.
See http://en.opensuse.org/Zypper/Troubleshooting for instructions.' (exit 
status 1)
===================================================================================================================

Action taken:
I found there are lots of strange log when I register SUSE as 
below(/var/log/squid/access.log):
===================================================================================================================
1749103351.951      3 172.31.47.207 TCP_DENIED/403 3804 CONNECT 0.0.10.40:1 - 
HIER_NONE/- text/html
1749103366.975      4 172.31.47.207 TCP_DENIED/403 3802 CONNECT 0.0.9.96:7 - 
HIER_NONE/- text/html
1749103375.466  59932 172.31.47.207 TCP_TUNNEL/503 0 CONNECT 0.0.9.102:443 - 
HIER_DIRECT/0.0.9.102 -
===================================================================================================================

After I edited the config file(/etc/squid/squid.conf) and add the following:
    acl invalid_dst dst 0.0.0.0/8
    http_access deny invalid_dst

I could register SUSE without any error.

When I access Amazon S3 using squid instance, there is no any strange IP in the 
access log.

I checked /etc/hosts and no any information of "0.0.0.0/8"

Action Required:
Do you know why squid forward request to 0.0.0.0/8?

Thank you!

Best Regards
Yang Chao

_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-dev