Good Day All, i'm new to squid and i have configured squid as an http transparent proxy with a mikrotik. the squid server has only a single NIC, so i followed a tutorial and set up a dst-nat to squid proxy for traffic on port 80, Chain:dstnat. Protocol:tcp Dst-port:80 Action:dst-nat To Addresses:192.168.2.2 (squid proxy) To ports:8080 but after setup, only https traffic works correctly, http traffic client error is "This page isn't working ERR_EMPTY_RESPONSE" squid access.log is empty then in squid cache.log these are the errors
``` 2018/10/19 17:08:54 kid1| ERROR: NF getsockopt(ORIGINAL_DST) failed on local=192.168.2.2:8080 remote=192.168.1.254:41248 FD 10 flags=33: (92) Protocol not available 2018/10/19 17:08:54 kid1| ERROR: NAT/TPROXY lookup failed to locate original IPs on local=192.168.2.2:8080 remote=192.168.1.254:41248 FD 10 flags=33 ``` please find below my squid.conf contents ``` acl localnet src 192.168.1.0/24 acl SSL_ports port 443 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT icap_enable off icap_service service_req reqmod_precache 1 icap://127.0.0.1:1344/REQMOD adaptation_service_set class_req service_req adaptation_access class_req allow all icap_service service_resp respmod_precache 0 icap://127.0.0.1:1344/RESPMOD adaptation_service_set class_resp service_resp adaptation_access class_resp allow all http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access deny manager http_access deny to_localhost http_access allow localnet http_access allow localhost http_access allow all http_port 3128 http_port 8080 transparent access_log daemon:/var/log/squid/access.log squid coredump_dir /var/spool/squid refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 refresh_pattern . 0 20% 4320 ``` please any help or correction would be highly appreciated, i am not even sure if the approach is correct. -- Nebedum Uchenna
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users