here is my squid.conf http://pastebin.com/raw/9BTcpVkL
Here is what log looks like when i grep packates from Apple Devices when app store is opened. 1486551793.635 742 192.168.1.12 TAG_NONE/200 0 CONNECT 17.110.234.27:443 - ORIGINAL_DST/17.110.234.27 - 1486551796.343 30610 192.168.1.12 TAG_NONE/200 0 CONNECT 104.113.210.17:443 - HIER_NONE/- - 1486551796.343 30605 192.168.1.12 TCP_TUNNEL/200 30574 CONNECT init.itunes.apple.com:443 - ORIGINAL_DST/104.113.210.17 - 1486551799.097 30326 192.168.1.12 TAG_NONE/200 0 CONNECT 104.113.210.17:443 - HIER_NONE/- - 1486551799.097 30324 192.168.1.12 TCP_TUNNEL/200 30584 CONNECT init.itunes.apple.com:443 - ORIGINAL_DST/104.113.210.17 - 1486551799.502 726 192.168.1.12 TAG_NONE/200 0 CONNECT 17.110.234.27:443 - ORIGINAL_DST/17.110.234.27 - 2017/02/08 16:33:19 kid1| SECURITY ALERT: Host header forgery detected on local=17.173.66.101:443 remote=192.168.1.12:53158 FD 477 flags=33 (local IP does not match any domain IP) 1486551805.013 59549 192.168.1.12 TAG_NONE/200 0 CONNECT 17.110.234.27:443 - ORIGINAL_DST/17.110.234.27 - 2017/02/08 16:33:33 kid1| SECURITY ALERT: Host header forgery detected on local=104.113.210.17:443 remote=192.168.1.12:53159 FD 659 flags=33 (local IP does not match any domain IP) 1486551826.441 57130 192.168.1.12 TAG_NONE/200 0 CONNECT 17.173.66.96:443 - HIER_NONE/- - 1486551826.441 57052 192.168.1.12 TCP_TUNNEL/200 6671 CONNECT pd-st.itunes.apple.com:443 - ORIGINAL_DST/17.173.66.96 - 1486551852.061 211 192.168.1.12 TAG_NONE/200 0 CONNECT 104.113.210.11:443 - ORIGINAL_DST/104.113.210.11 - 1486551852.434 216 192.168.1.12 TCP_MISS/200 7010 GET https://configuration.apple.com/configurations/internetservices/cloudkit/cloudkit-1.0.plist - ORIGINAL_DST/104.113.210.11 text/xml 1486551881.425 234 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 - 1486551881.791 130 192.168.1.12 TCP_MISS_ABORTED/200 620 ACE https://guzzoni.apple.com/ace - ORIGINAL_DST/17.252.172.5 - 1486551882.684 207 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 - 1486551882.829 348 192.168.1.12 TCP_REFRESH_MODIFIED/200 415 HEAD http://www.apple.com/ - ORIGINAL_DST/104.113.211.46 text/html 1486551882.859 68 192.168.1.12 TCP_MISS/200 101 HEAD https://guzzoni.apple.com/salt - ORIGINAL_DST/17.252.172.5 - 1486551883.004 207 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 - 1486551883.083 67 192.168.1.12 TCP_MISS/406 133 HEAD https://guzzoni.apple.com/ace - ORIGINAL_DST/17.252.172.5 - 1486551884.123 202 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 - 1486551884.301 81 192.168.1.12 TCP_MISS_ABORTED/200 622 ACE https://guzzoni.apple.com/ace - ORIGINAL_DST/17.252.172.5 - 1486551886.908 43 192.168.1.12 TCP_REFRESH_MODIFIED/200 415 HEAD http://www.apple.com/ - ORIGINAL_DST/104.113.211.46 text/html 1486551887.085 207 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 - 1486551887.168 67 192.168.1.12 TCP_MISS/406 133 HEAD https://guzzoni.apple.com/ace - ORIGINAL_DST/17.252.172.5 - 1486551887.310 200 192.168.1.12 TAG_NONE/200 0 CONNECT 17.252.172.5:443 - ORIGINAL_DST/17.252.172.5 - 1486551887.416 68 192.168.1.12 TCP_MISS/200 101 HEAD https://guzzoni.apple.com/salt - ORIGINAL_DST/17.252.172.5 - On Wed, Feb 8, 2017 at 12:35 AM, Hardik Dangar <hardikdangar+sq...@gmail.com > wrote: > Hello, > > > Here is some information about my squid version, > > Squid Cache: Version 3.5.23 > Service Name: squid > configure options: '--prefix=/usr' '--localstatedir=/var/squid' > '--libexecdir=/lib/squid' '--srcdir=.' '--datadir=/share/squid' > '--sysconfdir=/etc/squid' '--with-default-user=proxy' > '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' > '--with-openssl' '--enable-ssl-crtd' '--enable-inline' > '--disable-arch-native' '--enable-async-io=8' > '--enable-storeio=ufs,aufs,diskd,rock' > '--enable-removal-policies=lru,heap' '--enable-delay-pools' > '--enable-follow-x-forwarded-for' '--enable-url-rewrite-helpers=fake' > '--enable-ecap' > > > We are running squid as transparent proxy and have certs installed in all > systems. Until recently all our systems were ubuntu or windows. Recently we > added mac os Seirra and the biggest issue we had with mac is even after > installing certificates. Few apps have problems. > > Our biggest problem is Itunes Store. It just doesn't work for some reason. > if we check the log we get random ip's trying to connect via 443 port but > it doesn't connect. > Also Skype for Mac does not work. strangely this works for windows and > ubuntu in our network. Again we see the same behavior. > > both of these apps does not work even in Iphone and Ipad. > > I believe someone must be able to configure transparent squid with Mac. > can anyone tell me if i need to do anything extra for Mac setup. >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
