e2guardian + squid 3.4 - TCP_MISS/403 and Forwarding loop detected


Adam S

Oct 2, 2015, 2:41:25 AM
to e2guardian
Hello, I configured Debian with e2guardian 3.2, squid 3.4 and eth0 - wan, eth1 - lan, eth2 - lan.
When I use only squid all is OK, but when I turn on e2guardian I don't have HTTP requests ;/

Please help me, because I don't see anything wrong in my configs.

squid.conf

acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 192.168.1.0/24 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 0.0.0.0:3130
http_port 0.0.0.0:3129 intercept
cache_mem 2048 MB
maximum_object_size 4 MB
cache_dir ufs /var/spool/squid3 8192 16 256
cache_swap_low 85
coredump_dir /var/spool/squid3
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320



e2guardian.conf

languagedir = '/etc/e2guardian/languages'
language = 'polish'
loglevel = 2
logexceptionhits = 2
logfileformat = 1
filterip =
filterports = 8080
proxyip = 127.0.0.1
proxyport = 3129
proxytimeout = 20
proxyexchange = 20
pcontimeout = 55
usecustombannedimage = on
custombannedimagefile = '/usr/share/e2guardian/transparent1x1.gif'
usecustombannedflash = on
custombannedflashfile = '/usr/share/e2guardian/blockedflash.swf'
filtergroups = 1
filtergroupslist = '/etc/e2guardian/lists/filtergroupslist'
bannediplist = '/etc/e2guardian/lists/bannediplist'
exceptioniplist = '/etc/e2guardian/lists/exceptioniplist'
showweightedfound = on
weightedphrasemode = 2
urlcachenumber = 1000
urlcacheage = 900
scancleancache = on
phrasefiltermode = 2
preservecase = 0
hexdecodecontent = off
forcequicksearch = off
reverseaddresslookups = off
logclienthostnames = on
createlistcachefiles = on
prefercachedlists = off
maxcontentfiltersize = 256
maxcontentramcachescansize = 2000
maxcontentfilecachescansize = 20000
filecachedir = '/tmp'
deletedownloadedtempfiles = on
initialtrickledelay = 20
trickledelay = 10
downloadmanager = '/etc/e2guardian/downloadmanagers/fancy.conf'
downloadmanager = '/etc/e2guardian/downloadmanagers/default.conf'
contentscannertimeout = 60
contentscanexceptions = off
recheckreplacedurls = off
forwardedfor = off
usexforwardedfor = off
logconnectionhandlingerrors = on
logchildprocesshandling = off
maxchildren = 180
minchildren = 20
minsparechildren = 16
preforkchildren = 10
maxsparechildren = 32
maxagechildren = 500
maxips = 0
ipcfilename = '/tmp/.e2guardianipc'
urlipcfilename = '/tmp/.e2guardianurlipc'
ipipcfilename = '/tmp/.e2guardianipipc'
nodaemon = off
nologger = off
logadblocks = off
loguseragent = off
softrestart = off
mailer = '/usr/sbin/sendmail -t'





e2guardian/access.log

2015.10.1 14:31:54 - 10.0.0.2 http://www.msftncsi.com/ncsi.txt  GET 3272 0  1 403 text/html     - -
2015.10.1 14:32:07 - 10.0.0.2 http://onet.pl  GET 0 0  1 403 text/html     - -
2015.10.1 14:32:07 - 10.0.0.2 http://onet.pl/favicon.ico  GET 0 0  1 403 text/html     - -
2015.10.1 14:32:07 - 10.0.0.2 http://onet.pl/favicon.ico  GET 0 0  1 403 text/html     - -
2015.10.1 14:32:09 - 10.0.0.2 http://onet.pl  GET 0 0  1 403 text/html     - -
2015.10.1 14:32:10 - 10.0.0.2 http://onet.pl  GET 0 0  1 403 text/html     - -
2015.10.1 14:32:11 - 10.0.0.2 http://onet.pl  GET 0 0  1 403 text/html     - -
2015.10.1 14:32:12 - 10.0.0.2 http://onet.pl  GET 0 0  1 403 text/html     - -
2015.10.1 14:34:28 - 10.0.0.2 http://onet.pl  GET 0 0  1 403 text/html     - -
2015.10.1 14:34:30 - 10.0.0.2 http://onet.pl  GET 0 0  1 403 text/html     - -
2015.10.1 14:34:33 - 10.0.0.2 http://wp.pl  GET 0 0  1 403 text/html     - -





squid/cache.log

2015/10/01 14:34:30 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1^M
Host: onet.pl^M
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0^M
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8^M
Accept-Language: pl,en-US;q=0.7,en;q=0.3^M
Accept-Encoding: identity,gzip,deflate^M
DNT: 1^M
Cookie: onet_cinfo=1; onet_uoi=v1%3Dradrad%2540poczta.onet.pl%26l%3Dradrad%2540poczta.onet.pl%26n%3D1198973%26s%3D1%26k%3D659548%26p%3D0%26z%3D0; onet_cinf=1; ea_uuid=201509100803152697300747^M
Via: 1.0 bib-fw (squid/3.4.8)^M
X-Forwarded-For: 127.0.0.1^M
Cache-Control: max-age=0^M
Connection: keep-alive^M
^M

2015/10/01 14:34:33 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1^M
Host: wp.pl^M
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0^M
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8^M
Accept-Language: pl,en-US;q=0.7,en;q=0.3^M
Accept-Encoding: identity,gzip,deflate^M
DNT: 1^M
Cookie: statid=00892a45af44d90d7e4d741bbbe33f67:e1ae0b:1385636869:v3; statid=00892a45af44d90d7e4d741bbbe33f67:e1ae0b:1385636869:v3; GRwpuuid=70eadbce-b35f-4230-9757-9d878d8a40ac%3A1436874374%3Av1; __gfp_64b=-TURNEDOFF; WP-cookie-info=1; _wpaw=A01B55C15D05E03F02G11H05ZA0ZB0ZC0ZD0ZF1ZG0; ACac2=eJwyNDExsrQwtTQ3rgEEAAD%2F%2Fw3lApE%3D; camps=v1NZkGAAIA9YgDVoiUBgABALnEKVY%3D; sgv=1443443467^M
Via: 1.0 bib-fw (squid/3.4.8)^M
X-Forwarded-For: 127.0.0.1^M
Cache-Control: max-age=259200^M
Connection: keep-alive^M




squid/access.log

1443702729.781      0 127.0.0.1 TCP_MISS/403 349 GET http://onet.pl/ - HIER_NONE/- text/html
1443702729.781      0 127.0.0.1 TCP_MISS/403 441 GET http://onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1443702730.763      0 127.0.0.1 TCP_MISS/403 349 GET http://onet.pl/ - HIER_NONE/- text/html
1443702730.764      1 127.0.0.1 TCP_MISS/403 441 GET http://onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1443702731.657      0 127.0.0.1 TCP_MISS/403 349 GET http://onet.pl/ - HIER_NONE/- text/html
1443702731.658      0 127.0.0.1 TCP_MISS/403 441 GET http://onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1443702732.580      0 127.0.0.1 TCP_MISS/403 349 GET http://onet.pl/ - HIER_NONE/- text/html
1443702732.581      0 127.0.0.1 TCP_MISS/403 441 GET http://onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1443702868.417      0 127.0.0.1 TCP_MISS/403 349 GET http://onet.pl/ - HIER_NONE/- text/html
1443702868.417     24 127.0.0.1 TCP_MISS/403 441 GET http://onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1443702870.698      0 127.0.0.1 TCP_MISS/403 349 GET http://onet.pl/ - HIER_NONE/- text/html
1443702870.698      0 127.0.0.1 TCP_MISS/403 441 GET http://onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1443702873.337      0 127.0.0.1 TCP_MISS/403 349 GET http://wp.pl/ - HIER_NONE/- text/html
1443702873.338     25 127.0.0.1 TCP_MISS/403 441 GET http://wp.pl/ - ORIGINAL_DST/127.0.0.1 text/html


FredB

Oct 2, 2015, 3:18:23 AM
to e2guardian
E2guardian is denied by Squid (client from 127.0.0.1)
You must allow the loopback address

Allow x-forward to get source IP from E2guardian in access.log



Adam S

Oct 2, 2015, 5:46:46 AM
to e2guardian
Thanks for the fast answer.

I tried to do this:

In squid.conf I added:

acl localhost src 127.0.0.1
follow_x_forwarded_for allow localhost



e2guardian.conf

forwardedfor = off
usexforwardedfor = on
xforwardedforfilterip = 127.0.0.1


But when I try to view any site:

squid/cache.log

2015/10/02 11:28:50 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1^M
Host: www.wp.pl^M
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0^M
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8^M
Accept-Language: pl,en-US;q=0.7,en;q=0.3^M
Accept-Encoding: identity,gzip,deflate^M
DNT: 1^M
Cookie: statid=00892a45af44d90d7e4d741bbbe33f67:e1ae0b:1385636869:v3; GRwpuuid=70eadbce-b35f-4230-9757-9d878d8a40ac%3A1436874374%3Av1; __gfp_64b=-TURNEDOFF; WP-cookie-info=1; _wpaw=A01B55C15D05E03F02G11H05ZA0ZB0ZC0ZD0ZF1ZG0; ACac2=eJwyNDExsrQwtTQ3rgEEAAD%2F%2Fw3lApE%3D; camps=v1NZkGAAIA9YgDVoiUBgABALnEKVY%3D; sgv=1443712134; reksticket=1443712134; rekticket=1443712134^M
Via: 1.0 bib-fw (squid/3.4.8)^M
X-Forwarded-For: 127.0.0.1^M
Cache-Control: max-age=259200^M
Connection: keep-alive^M
^M

2015/10/02 11:28:55 kid1| WARNING: Forwarding loop detected for:
GET /WeatherService.svc/PreInstallLiveTile?lang=pl-PL&region=PL&appid=C98EA5B0842DBB9405BBF071E1DA76512D21FE36&FORM=APXWEA HTTP/1.1^M
User-Agent: Microsoft-WNS/6.3^M
Host: weather.tile.appex.bing.com^M
Via: 1.0 bib-fw (squid/3.4.8)^M
X-Forwarded-For: 127.0.0.1^M
Cache-Control: no-cache^M
Connection: keep-alive^M


squid/access.log
1443778130.957      0 127.0.0.1 TCP_MISS/403 349 GET http://www.wp.pl/ - HIER_NONE/- text/html
1443778130.957     26 127.0.0.1 TCP_MISS/403 441 GET http://www.wp.pl/ - ORIGINAL_DST/127.0.0.1 text/html


I tried changing only e2guardian.conf without squid, but it's the same problem ;/

Maybe I did something wrong?

FredB

Oct 2, 2015, 6:28:36 AM
to e2guardian
forwardedfor = on -> e2guardian.conf
follow_x_forwarded_for allow all -> squid.conf
forwarded_for on -> squid.conf  




Adam S

Oct 2, 2015, 7:03:23 AM
to e2guardian
Ok i still trying :) still same :(

e2guardian.conf

filterip = 10.0.0.1

filterports = 8080
proxyip = 127.0.0.1
proxyport = 3129

forwardedfor = on
usexforwardedfor = on
xforwardedforfilterip = 127.0.0.1



squid.conf

acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 192.168.1.0/24 # RFC1918 possible internal network

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http

acl CONNECT method CONNECT

follow_x_forwarded_for allow all

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all

http_port 0.0.0.0:3130
http_port 0.0.0.0:3129 intercept

forwarded_for on  
#(default is on)



squid/cache.log

2015/10/02 12:50:54 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1^M
Host: interia.pl^M
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0^M
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8^M
Accept-Language: pl,en-US;q=0.7,en;q=0.3^M
Accept-Encoding: identity,gzip,deflate^M
DNT: 1^M
Cookie: __iwa_vid=7949df46-9509-4329-c3b2-b0f3904602a4; cpol=6393580434791; AUID=253518445ab5c557b9ad527759602239; AUID_DATA=%7B%221018%22%3A%7B%22hasSub%22%3Afalse%7D%7D; __adb_aid=02c9550a-0564-4666-a61a-19ca9683c98d^M
Via: 1.0 bib-fw (squid/3.4.8)^M
X-Forwarded-For: 10.0.0.2, 127.0.0.1^M
Cache-Control: max-age=259200^M
Connection: keep-alive^M
^M

2015/10/02 12:54:10 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1^M
Host: www.wp.pl^M
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0^M
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8^M
Accept-Language: pl,en-US;q=0.7,en;q=0.3^M
Accept-Encoding: identity,gzip,deflate^M
DNT: 1^M
Cookie: statid=00892a45af44d90d7e4d741bbbe33f67:e1ae0b:1385636869:v3; GRwpuuid=70eadbce-b35f-4230-9757-9d878d8a40ac%3A1436874374%3Av1; __gfp_64b=-TURNEDOFF; WP-cookie-info=1; _wpaw=A01B55C15D05E03F02G11H05ZA0ZB0ZC0ZD0ZF1ZG0; ACac2=eJwyNDExsrQwtTQ3rgEEAAD%2F%2Fw3lApE%3D; camps=v1NZkGAAIA9YgDVoiUBgABALnEKVY%3D; sgv=1443712134; reksticket=1443712134; rekticket=1443712134^M
Via: 1.0 bib-fw (squid/3.4.8)^M
X-Forwarded-For: 10.0.0.2, 127.0.0.1^M
Cache-Control: max-age=259200^M
Connection: keep-alive^M
^M



squid/access.log

1443783054.824      0 10.0.0.2 TCP_MISS/403 349 GET http://interia.pl/ - HIER_NONE/- text/html
1443783054.824     25 10.0.0.2 TCP_MISS/403 441 GET http://interia.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1443783250.660      0 10.0.0.2 TCP_MISS/403 349 GET http://www.wp.pl/ - HIER_NONE/- text/html
1443783250.660     24 10.0.0.2 TCP_MISS/403 441 GET http://www.wp.pl/ - ORIGINAL_DST/127.0.0.1 text/html











FredB

Oct 2, 2015, 7:19:27 AM
to e2guardian


> Ok i still trying :) still same :(

No


> 1443783054.824      0 10.0.0.2 TCP_MISS/403 349 GET http://interia.pl/ - HIER_NONE/- text/html

10.0.0.2 not 127.0.0.1 much better

Please try with this acl localnet src 127.0.0.1

Adam S

Oct 2, 2015, 7:48:43 AM
to e2guardian
OK, I made these changes:


squid.conf:

acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 192.168.1.0/24 # RFC1918 possible internal network

acl localnet src 127.0.0.1      # RFC1918 possible internal network        <-- I added this





squid/access.log
after restarting squid (I pasted the whole log):


2015/10/02 13:36:17 kid1| Logfile: closing log daemon:/var/log/squid3/access.log
2015/10/02 13:36:17 kid1| Logfile Daemon: closing log daemon:/var/log/squid3/access.log
2015/10/02 13:36:17 kid1| Open FD UNSTARTED     7 DNS Socket IPv6
2015/10/02 13:36:17 kid1| Open FD READ/WRITE    8 DNS Socket IPv4
2015/10/02 13:36:17 kid1| Open FD UNSTARTED     9 IPC UNIX STREAM Parent
2015/10/02 13:36:17 kid1| Squid Cache (Version 3.4.8): Exiting normally.
2015/10/02 13:36:17 kid1| Set Current Directory to /var/spool/squid3
2015/10/02 13:36:17 kid1| Starting Squid Cache version 3.4.8 for x86_64-pc-linux-gnu...
2015/10/02 13:36:17 kid1| Process ID 10298
2015/10/02 13:36:17 kid1| Process Roles: worker
2015/10/02 13:36:17 kid1| With 65535 file descriptors available
2015/10/02 13:36:17 kid1| Initializing IP Cache...
2015/10/02 13:36:17 kid1| DNS Socket created at [::], FD 7
2015/10/02 13:36:17 kid1| DNS Socket created at 0.0.0.0, FD 8
2015/10/02 13:36:17 kid1| Adding nameserver 194.204.152.34 from /etc/resolv.conf
2015/10/02 13:36:17 kid1| Logfile: opening log daemon:/var/log/squid3/access.log
2015/10/02 13:36:17 kid1| Logfile Daemon: opening log /var/log/squid3/access.log
2015/10/02 13:36:18 kid1| Unlinkd pipe opened on FD 14
2015/10/02 13:36:18 kid1| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2015/10/02 13:36:18 kid1| Store logging disabled
2015/10/02 13:36:18 kid1| Swap maxSize 8388608 + 2097152 KB, estimated 806596 objects
2015/10/02 13:36:18 kid1| Target number of buckets: 40329
2015/10/02 13:36:18 kid1| Using 65536 Store buckets
2015/10/02 13:36:18 kid1| Max Mem  size: 2097152 KB
2015/10/02 13:36:18 kid1| Max Swap size: 8388608 KB
2015/10/02 13:36:18 kid1| Rebuilding storage in /var/spool/squid3 (clean log)
2015/10/02 13:36:18 kid1| Using Least Load store dir selection
2015/10/02 13:36:18 kid1| Set Current Directory to /var/spool/squid3
2015/10/02 13:36:18 kid1| Finished loading MIME types and icons.
2015/10/02 13:36:18 kid1| HTCP Disabled.
2015/10/02 13:36:18 kid1| commBind: Cannot bind socket FD 19 to [::1]: (99) Cannot assign requested address
2015/10/02 13:36:18 kid1| commBind: Cannot bind socket FD 20 to [::1]: (99) Cannot assign requested address
2015/10/02 13:36:18 kid1| ERROR: Failed to create helper child read FD: UDP[::1]
2015/10/02 13:36:18 kid1| Squid plugin modules loaded: 0
2015/10/02 13:36:18 kid1| Adaptation support is off.
2015/10/02 13:36:18 kid1| Accepting HTTP Socket connections at local=0.0.0.0:3130 remote=[::] FD 17 flags=9
2015/10/02 13:36:18 kid1| Accepting NAT intercepted HTTP Socket connections at local=0.0.0.0:3129 remote=[::] FD 18 flags=41
2015/10/02 13:36:18 kid1| Done reading /var/spool/squid3 swaplog (435 entries)
2015/10/02 13:36:18 kid1| Finished rebuilding storage from disk.
2015/10/02 13:36:18 kid1|       435 Entries scanned
2015/10/02 13:36:18 kid1|         0 Invalid entries.
2015/10/02 13:36:18 kid1|         0 With invalid flags.
2015/10/02 13:36:18 kid1|       435 Objects loaded.
2015/10/02 13:36:18 kid1|         0 Objects expired.
2015/10/02 13:36:18 kid1|         0 Objects cancelled.
2015/10/02 13:36:18 kid1|         0 Duplicate URLs purged.
2015/10/02 13:36:18 kid1|         0 Swapfile clashes avoided.
2015/10/02 13:36:18 kid1|   Took 0.02 seconds (17538.20 objects/sec).
2015/10/02 13:36:18 kid1| Beginning Validation Procedure
2015/10/02 13:36:18 kid1|   Completed Validation Procedure
2015/10/02 13:36:18 kid1|   Validated 435 Entries
2015/10/02 13:36:18 kid1|   store_swap_size = 7944.00 KB
2015/10/02 13:36:19 kid1| storeLateRelease: released 0 objects
2015/10/02 13:36:44 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1^M
Host: www.onet.pl^M
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0^M
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8^M
Accept-Language: pl,en-US;q=0.7,en;q=0.3^M
Accept-Encoding: identity,gzip,deflate^M
DNT: 1^M
Cookie: onet_cinfo=1; onet_uoi=v1%3Dmbprad%2540poczta.onet.pl%26l%3Dmbprad%2540poczta.onet.pl%26n%3D1198973%26s%3D1%26k%3D659548%26p%3D0%26z%3D0; onet_cinf=1; ea_uuid=201509100803152697300747^M
Via: 1.0 bib-fw (squid/3.4.8)^M
X-Forwarded-For: 10.0.0.2, 127.0.0.1^M
Cache-Control: max-age=259200^M
Connection: keep-alive^M
^M

2015/10/02 13:36:51 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1^M
Host: www.onet.pl^M
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0^M
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8^M
Accept-Language: pl,en-US;q=0.7,en;q=0.3^M
Accept-Encoding: identity,gzip,deflate^M
DNT: 1^M
Cookie: onet_cinfo=1; onet_uoi=v1%3Dmbprad%2540poczta.onet.pl%26l%3Dmbprad%2540poczta.onet.pl%26n%3D1198973%26s%3D1%26k%3D659548%26p%3D0%26z%3D0; onet_cinf=1; ea_uuid=201509100803152697300747^M
Via: 1.0 bib-fw (squid/3.4.8)^M
Via: 1.0 bib-fw (squid/3.4.8)^M
X-Forwarded-For: 10.0.0.2, 127.0.0.1^M
Cache-Control: max-age=0^M
Connection: keep-alive^M







squid/access.log
1443785804.158      0 10.0.0.2 TCP_MISS/403 349 GET http://www.onet.pl/ - HIER_NONE/- text/html
1443785804.158     33 10.0.0.2 TCP_MISS/403 441 GET http://www.onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1443785811.329      0 10.0.0.2 TCP_MISS/403 349 GET http://www.onet.pl/ - HIER_NONE/- text/html
1443785811.329      1 10.0.0.2 TCP_MISS/403 441 GET http://www.onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html



I hope I understood you correctly :) but still nothing










FredB

Oct 2, 2015, 8:20:54 AM
to e2guardian

> http_port 0.0.0.0:3129 intercept

Transparent proxy?


> e2guardian.conf
> proxyport = 3129

Does Squid work in transparent mode without E2?
Is there no confusion between implicit and transparent proxy? Can you try in implicit mode?

Adam S

Oct 2, 2015, 8:26:55 AM
to e2guardian
Yes, I need a transparent proxy.
Without e2, squid works fine.

I will try to check this mode (implicit), but after the weekend.



Adam S

Oct 5, 2015, 6:35:20 AM
to e2guardian
Hello, I tried to use only squid without e2guardian and all looks fine (with intercept mode).
Here is squid/access.log:

1444040606.623     55 10.0.0.2 TCP_MISS/200 1613 GET http://ocdn.eu/images/pulscms/Yzk7MDYsMjgsMjg_/29876d82560646c1fffcab9c2b2c551a.jpg - ORIGINAL_DST/213.180.141.142 image/jpeg
1444040606.628     53 10.0.0.2 TCP_REFRESH_UNMODIFIED/200 1549 GET http://ocdn.eu/images/pulscms/MTk7MDYsMjgsMjg_/8c7d97c8ef2e4773891ad5a1f028d67b.jpg - ORIGINAL_DST/213.180.141.142 image/jpeg
1444040606.639     57 10.0.0.2 TCP_REFRESH_UNMODIFIED/200 24852 GET http://ocdn.eu/files/pulscms/ODk7MDA_/2d3106a266e84ea1b1a6cffd023c060f.png - ORIGINAL_DST/213.180.141.142 image/png



Can you tell me something about your question - is implicit a squid option with:
http_port 0.0.0.0:3130
http_port 0.0.0.0:3129 (without intercept?)
I can't find "implicit" in the squid documentation :(


FredB

Oct 5, 2015, 7:39:14 AM
to e2guardian
Implicit means a browser with proxy configuration IP:PORT
The first step is trying squid in implicit mode, and after that e2 + squid in implicit mode

So proxyport = 3130 in e2

Squid denies the request from E2 (403); there is something wrong with your squid configuration. You can also try with http_access allow all (just for test!)
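
The suggestion above to point e2guardian's proxyport at 3130 instead of 3129 can be checked mechanically. The following Python sketch is an added example, not part of the original thread or of either project: it reads Squid's http_port lines and e2guardian's proxyport (sample input constructed from the values quoted in the posts) and flags a filter chained to a Squid interception port, which is meant for NAT-redirected connections rather than direct proxy clients. The function names and finding codes are assumptions made for the example.

```python
# Added example: checks an e2guardian -> Squid chain for the port mix-up
# discussed in this thread. Sample configs are constructed from the values
# quoted in the posts; function names and finding codes are hypothetical.

SQUID_CONF = """\
http_port 0.0.0.0:3130
http_port 0.0.0.0:3129 intercept
"""

E2_CONF = """\
filterports = 8080
proxyip = 127.0.0.1
proxyport = 3129
"""

# http_port options that make Squid treat the listener as an interception
# port ('transparent' is the older spelling of 'intercept').
INTERCEPT_FLAGS = {"intercept", "transparent", "tproxy"}


def squid_ports(conf_text):
    """Map each http_port number to 'forward' or its interception flag."""
    ports = {}
    for raw in conf_text.splitlines():
        words = raw.split("#", 1)[0].split()
        if len(words) < 2 or words[0] != "http_port":
            continue
        port = int(words[1].rsplit(":", 1)[-1])  # accepts "3130" and "ip:3130"
        flags = INTERCEPT_FLAGS.intersection(words[2:])
        ports[port] = sorted(flags)[0] if flags else "forward"
    return ports


def e2_settings(conf_text):
    """Parse 'key = value' lines; a repeated key keeps its last value."""
    settings = {}
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0]
        if "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip().strip("'\"")
    return settings


def check_chain(squid_conf, e2_conf):
    """Return (code, message) findings about the filter's upstream port."""
    ports = squid_ports(squid_conf)
    upstream = int(e2_settings(e2_conf)["proxyport"])
    mode = ports.get(upstream)
    if mode is None:
        return [("UPSTREAM_NOT_LISTENING",
                 f"proxyport {upstream} is not a Squid http_port")]
    if mode != "forward":
        forward = sorted(p for p, m in ports.items() if m == "forward")
        return [("UPSTREAM_IS_INTERCEPT",
                 f"proxyport {upstream} is a Squid '{mode}' port; "
                 f"forward-proxy ports available: {forward}")]
    return []


if __name__ == "__main__":
    for code, message in check_chain(SQUID_CONF, E2_CONF):
        print(code, "-", message)
```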





Adam S

Oct 5, 2015, 8:16:15 AM
to e2guardian
Hello
I used that implicit mode in my web browser and I added that allow all to squid, and these are my logs:
squid/cache.log:

2015/10/05 14:05:17 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1^M
Host: www.onet.pl^M
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0^M
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8^M
Accept-Language: pl,en-US;q=0.7,en;q=0.3^M
Accept-Encoding: gzip, deflate^M
DNT: 1^M
Cookie: onet_cinfo=1; onet_uoi=v1%3Dmbprad%2540poczta.onet.pl%26l%3Dmbprad%2540poczta.onet.pl%26n%3D1198973%26s%3D1%26k%3D659548%26p%3D0%26z%3D0; onet_cinf=1; ea_uuid=201509100803152697300747^M
Via: 1.1 bib-fw (squid/3.4.8)^M
X-Forwarded-For: 10.0.0.2^M
Cache-Control: max-age=259200^M
Connection: keep-alive^M


squid/access.log

1444046230.311      0 10.0.0.2 TCP_MISS/403 349 GET http://www.onet.pl/ - HIER_NONE/- text/html
1444046230.311     28 10.0.0.2 TCP_MISS/403 441 GET http://www.onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1444046233.737      0 10.0.0.2 TCP_MISS/403 349 GET http://www.onet.pl/ - HIER_NONE/- text/html
1444046233.738      1 10.0.0.2 TCP_MISS/403 441 GET http://www.onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1444046403.952      0 10.0.0.2 TCP_MISS/403 349 GET http://www.onet.pl/ - HIER_NONE/- text/html
1444046403.953     25 10.0.0.2 TCP_MISS/403 441 GET http://www.onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1444046407.072      0 10.0.0.2 TCP_MISS/403 349 GET http://www.onet.pl/ - HIER_NONE/- text/html
1444046407.072      0 10.0.0.2 TCP_MISS/403 441 GET http://www.onet.pl/ - ORIGINAL_DST/127.0.0.1 text/html
1444046717.096      0 10.0.0.2 TCP_MISS/403 349 GET http://www.onet.pl/ - HIER_NONE/- text/html
1444046717.096     24 10.0.0.2 TCP_MISS/403 441 GET http://www.onet.pl/ - ORIGINAL_DST/10.0.0.1 text/html


My squid config:

acl localnet src 10.0.0.0/8     # RFC1918 possible internal network


acl SSL_ports port 443

acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http

acl CONNECT method CONNECT

follow_x_forwarded_for allow all
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow localhost manager
http_access deny manager

http_access allow localnet
http_access allow localhost
http_access allow all   # < ---------------
http_port 3130
http_port 3129 intercept





damn ....



FredB

Oct 5, 2015, 8:43:54 AM
to e2guardian

> I used that implicit mode in my web browser and I added that allow all to squid, and these are my logs:
> squid/cache.log:

Which port 3130 ?

Adam S

Oct 5, 2015, 3:31:51 PM
to e2guardian
Nope, 3129, because this is the port I have forwarded on the firewall.
Squid listens on ports 3129 (intercept) and 3130, but I don't have any idea why I must open this port in the squid config (all tutorials on the web for squid 3.3 - 3.4 have one extra port open and it is not for ssl bump - in my old config on Mandriva Linux I had only one open - 3129 transparent - and it worked very well).


Adam S

Oct 18, 2015, 7:55:45 AM
to e2guardian
OK, I removed Debian and installed Ubuntu Server 14, and removed Squid 3.4 and installed 3.3.x, and it works now :)
Thanks for the help anyway :)

