EDITTED: Ipasted in wrong squid.conf the first time
Hi jbm,
thanks for the help!
I still have the same problem though. I have debug_level 28,3 which gives me failures for my own src address, like the packets are not accepted by localhost? If they get seen by squid they have entered INPUT chain and should be 127.0.0.1, not 10.1.0.254
I thought perhaps it was my iptables, masquerade or myredirects from port 80 to 3128... but same things happen always even when I point the browsers proxy address/port straight to squid/havp gateway.
aaiiii, ??????? I have worked on this for 40 hours.
my squid does not match anything for localhost just my src ip 10.1.0.253
/*-------------------------*/
2006/05/29 09:52:47| aclMatchAclList: checking all
2006/05/29 09:52:47| aclMatchAcl: checking 'acl all src 0.0.0.0/0.0.0.0'
2006/05/29 09:52:47| aclMatchIp: '10.1.0.253' found
2006/05/29 09:52:47| aclMatchAclList: returning 1
2006/05/29 09:52:47| aclCheck: checking 'http_access allow localhost Safe_ports '
2006/05/29 09:52:47| aclMatchAclList: checking localhost
2006/05/29 09:52:47| aclMatchAcl: checking 'acl localhost src 127.0.0.1/255.255.255.255'
2006/05/29 09:52:47| aclMatchIp: '10.1.0.253' NOT found
2006/05/29 09:52:47| aclMatchAclList: no match, returning 0
2006/05/29 09:52:47| aclCheck: checking 'http_access deny all'
2006/05/29 09:52:47| aclMatchAclList: checking all
2006/05/29 09:52:47| aclMatchAcl: checking 'acl all src 0.0.0.0/0.0.0.0'
2006/05/29 09:52:47| aclMatchIp: '10.1.0.253' found
2006/05/29 09:52:47| aclMatchAclList: returning 1
2006/05/29 09:52:47| aclCheck: match found, returning 0
2006/05/29 09:52:47| aclCheckCallback: answer=0
/*--------------------------------*/ and i use this havp.conf lines
PARENTPROXY 127.0.0.1
PARENTPORT 8090
PORT 8081
/*--------------------------------*/ and i use this for squid,conf
# SQUID 1
http_port 3128
# SQUID 2
# havp.config has PARENTHOST 127.0.0.1, PARENTPORT 8090
http_port 127.0.0.1:8090
# ACL for the port where havp requests are comming
acl HAVP_PORT myport 127.0.0.1:8090
# We only cache requests for SQUID2
no_cache deny !HAVP_PORT
# HAVP running on port 8081
cache_peer localhost parent 8081 0 no-query no-digest no-netdb-exchange default
# ------------------------------------
# Needed if we want to go directly to SQUID2 without HAVP
# We can't use same peer name twice, so lets use 127.0.0.2..
cache_peer 127.0.0.2 parent 8090 0 no-query no-digest no-netdb-exchange
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 1025-65535 # unpriviledged ports
acl CONNECT method CONNECT
acl QUERY urlpath_regex cgi-bin \?
always_direct allow SSL_ports
cache_peer_access 127.0.0.2 allow localhost
cache_peer_access localhost allow !SSL_ports
cache_peer_access localhost deny all
never_direct allow !SSL_ports
always_direct allow HAVP_PORT
always_direct deny all
# Allow Squid 2 to go out on the internet
http_access allow localhost Safe_ports
http_access deny all