免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块 发新帖
查看: 1991 | 回复: 0
打印 上一主题 下一主题

squid透明代理问题 [复制链接]

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
发表于 2009-09-21 17:09 |只看该作者 |倒序浏览
大家好,我是一个Linux新手,请大家多多照顾,谢谢!
我说下我的环境:
我用CentOS5.3做squid服务器,eth0为共享ip,eth1为内部ip,转发功能已开启,没配置透明代理时客户机能正常上网,但是做了透明代理问题就出现了,比如在浏览器里输入www.qq.com就出现:
ERROR
The requested URL could not be retrieved
--------------------------------------------------------------------------------
While trying to process the request:
GET / HTTP/1.1
Accept: */*
Accept-Language: zh-cn
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TheWorld)
Host: www.qq.com
Connection: Keep-Alive
Cookie: QQ_IPAddress=%u8FBD%u5B81%u7701%2C%u6C88%u9633%u5E02; ad_play_index=60; pvid=8831848390; flv=10.0; r_cookie=99219316286

The following error was encountered:
Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:
Missing or unknown request method
Missing URL
Missing HTTP Identifier (HTTP/1.0)
Request is too large
Content-Length missing for POST or PUT requests
Illegal character in hostname; underscores are not allowed
Your cache administrator is root.

--------------------------------------------------------------------------------
Generated Wed, 17 Mar 1999 05:54:28 GMT by localhost.localdomain (squid/2.6.STABLE21)

我的squid.conf配置如下:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow  all
icp_access allow all
http_port 3128
hierarchy_stoplist cgi-bin ?
cache_mem 32 MB
maximum_object_size_in_memory 8 KB
cache_dir ufs /var/spool/squid 10000 16 256
minimum_object_size 0 KB
maximum_object_size 65536 KB
cache_swap_low 85
cache_swap_high 90
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
pid_filename /var/run/squid.pid
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
icp_port 3130
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
coredump_dir /var/spool/squid
httpd_accel_host localhost
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

iptables策略:
[root@localhost squid]# iptables -L -nv
Chain INPUT (policy ACCEPT 129K packets, 93M bytes)
pkts bytes target     prot opt in     out     source               destination
5514 1080K ACCEPT     all  --  eth1   *       0.0.0.0/0            0.0.0.0/0
Chain FORWARD (policy ACCEPT 2131 packets, 1009K bytes)
pkts bytes target     prot opt in     out     source               destination
Chain OUTPUT (policy ACCEPT 141K packets, 99M bytes)
pkts bytes target     prot opt in     out     source               destination

[root@localhost squid]# iptables -t nat -L -nv
Chain PREROUTING (policy ACCEPT 1263 packets, 145K bytes)
pkts bytes target     prot opt in     out     source               destination
  926 59264 REDIRECT   tcp  --  eth0   *       172.16.0.0/16        0.0.0.0/0           tcp dpt:80 redir ports 3128
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination
1812  111K MASQUERADE  all  --  *      eth0    172.16.0.0/16        0.0.0.0/0
Chain OUTPUT (policy ACCEPT 1636 packets, 98410 bytes)
pkts bytes target     prot opt in     out     source               destination

问题出在哪里,请各位高手帮帮忙看下,感激不尽,谢谢,非常急!!!!!
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP