On Dec 7, 2010, at 5:13 PM, Amos Jeffries wrote: > On 08/12/10 05:32, donovan jeffrey j wrote: >> greetings >> >> i recently updated my transparent proxy to sq 3.1.9, which also uses >> squidguard for url filters. > > First "best practice" is to use the right terminology. sorry i forgot we changed that ;) > > Your log traces says "Accepting intercepted HTTP connections at > 10.0.2.3:3128" So they are NAT interception connections.
yes I am using NAT after Squid. client --- > [ squid ] ----> [ NAT ] ---> > > >> >> this have been bogging down. browser always says ,.." waiting for >> google,... or waiting for www.abc.com >> I could have a dns issue or I could have a cache swap issue or a squidguard >> issue. I first wanted to make sure that running 3.1.9 transparent is the >> best version for the job. I had read a while back in a thread that v2.7 >> might be better than 3.1.x. Can anyone confirm ? > > 2.7 should not be. > > I've not had anyone explicitly mention whether the NAT logic upgrades to 3.x > worked or not in Mac. The BSD ones needed some extra fixes which were done > back around 3.1.6 So basically 3.1.9 should be fine for my purposes then. here is my config. does anything stand out as wrong or should be adjusted ? # squid.conf # # # # set logging to the lowest level debug_options ALL,1 #access to squid and the cache manager # acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl all src 0.0.0.0/0.0.0.0 acl noc src 10.3.1.0/24 10.135.0.0/16 10.235.0.0/16 10.35.1.0/24 acl admin src 10.139.0.0/16 10.136.0.0/16 10.103.0.0/16 acl hs src 10.150.0.0/16 10.149.0.0/16 10.151.0.0/16 10.152.0.0/16 10.153.0.0/16 acl ms src 10.142.0.0/16 10.140.0.0/16 acl ele src 10.104.0.0/16 #no cache settings no_cache deny noc no_cache deny admin no_cache deny hs no_cache deny ms no_cache deny ele no_cache deny all http_access allow manager localhost #http_access allow manager apache http_access allow noc http_access allow admin http_access allow hs http_access allow ms http_access allow ele http_access deny all #Squid's user and group cache_effective_user squid squid #visible hostname visible_hostname T1-2 # set log directories cache_access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_store_log /var/log/squid/store.log # set cache directories of 16GB each cache_dir ufs /usr/local/squid/var/cache 100 16 256 request_header_max_size 1000 KB # set the cache memory target for the Squid process cache_mem 100 MB http_port 3128 httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on # redirect_program /usr/local/bin/squidGuard redirect_children 100 client_persistent_connections off server_persistent_connections off
