lör 2007-01-20 klockan 06:50 -0200 skrev Michel Santos:
> Henrik Nordstrom disse na ultima mensagem:
> > lör 2007-01-20 klockan 01:11 -0200 skrev Michel Santos:
> >
> >> > Then post
> >> >
> >> > * iptables ruleset
> >> > * http_port + cache_peer + visible_hostname settings of each Squid
> >> > * cache.log output of ALL,1 (no extra debugging enabled) from each
> >> > Squid.
> >>
> >>
> >> it is FreeBSD and IPFW
> >
> > Then post your ipfw rules instead of iptables.
> >
>
> oook, here it is
>
> fwd 127.0.0.1,8080 tcp from _IP_ to any dst-port 80 in via WIP1
> allow ip from any to any
And squid.conf or cache.log?
> squid when running transparent mode is marking "x-forwarded request-IP,
> my-outgoing-IP" isn't it?
Squid always add an x-forwarded-for header with the original client IP
unless told not to. No matter if it's configured for transparent
interception or not.
> so it seems that squid1 or squid2, when running on 127*, do NOT understand
> when my-outgoing-IP is 127.0.0.1 but does when it is any other
>
> or is it possible that squid assumes getting just forwarded packages by
> the OS when running on 127* but not already forwarded packages from a
> peer?
Squid is a TCP application. It does not know or care about packets.
> squid0 do *NOT* go direct since I have
>
> never_direct allow all
> always_direct deny all
Ok. Which leaves unique_hostname as the mist likely candidate. But you
still have not told which error is seen, if there is anything logged in
cache.log on either of the Squids, or what your configuration looks like
so I can only guess.
> ok, I will do it this days, but may be you like to look meanwhile where
> squid get confused here because you said this should be the same on all
> squid versions. Since there are no extra configurations for this case in
> 2.6, my 2.5 config should work I guess.
I don't know what to look for.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST