用浏览器访问本机，出现错误，但错误提示信息是由squid产生的，请问是怎么回事？

ahking

斑竹包涵：

用浏览器访问本机，出现错误，但错误提示信息是由squid产生的，请问是怎么回事？
比较奇怪，如下：
ERROR
The requested URL could not be retrieved

--------------------------------------------------------------------------------

While trying to retrieve the URL: /

The following error was encountered:

Invalid URL
Some aspect of the requested URL is incorrect. Possible problems:

Missing or incorrect access protocol (should be `http://'' or similar)
Missing hostname
Illegal double-escape in the URL-Path
Illegal character in hostname; underscores are not allowed
Your cache administrator is root.



--------------------------------------------------------------------------------
Generated Mon, 22 Jan 2007 01:13:37 GMT by localhost (Squid/2.4.STABLE7)



难道squid接管浏览器了？squid配置如下：


visible_hostname localhost
http_port 80
cache_mem 76 MB
cache_swap_low 80
cache_swap_high 95
#cache_peer 10.68.139.34 parent 8999 3130 no-query default
hierarchy_stoplist cgi-bin ?
half_closed_clients off
hierarchy_stoplist -i ^https:\\ ?
acl QUERY urlpath_regex -i cgi-bin \? \.asp \.php \.jsp \.cgi
acl denyssl urlpath_regex -i ^https:\\
no_cache deny QUERY
no_cache deny denyssl

ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024

ftp_user Squid@
ftp_passive on

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl manager proto cache_object

acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
#acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
http_access deny !Safe_ports

acl SSL_ports port 443 563 8601
acl CONNECT method CONNECT
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager

http_access allow localhost

# And finally deny all other access to this proxy
#never_direct allow all


acl ken src 1.1.1.2
http_access allow ken



http_access deny all


icp_access allow all

[ 本帖最后由 ahking 于 2007-2-13 08:18 编辑 ]

zhangjie_it

浏览器中设置代理了吗？

要是没设的话，注意是不是透明代理啊？

HonestQiao

原帖由 ahking 于 2007-2-12 10:53 发表于 1楼  
斑竹包涵：

用浏览器访问本机，出现错误，但错误提示信息是由squid产生的，请问是怎么回事？
比较奇怪，如下：
ERROR
The requested URL could not be retrieved

----------------------------------- ...

那么，你期望的是什么形式呢？

你现在的squid监听了80端口啊。

kenduest

原帖由 ahking 于 2007-2-12 10:53 发表于 1楼  
斑竹包涵：

用浏览器访问本机，出现错误，但错误提示信息是由squid产生的，请问是怎么回事？
比较奇怪，如下：
ERROR
The requested URL could not be retrieved

----------------------------------- ...

一文多贴。

http://linux.chinaunix.net/bbs/v ... d=887983&extra=

--

ahking

抱歉,很久了,也没解决该问题,我的目的实际上是
内网做对外服务器出现的问题


网络结构为：一台linux服务器，双网卡，一块接大网，一块接局域网，接大网网卡有固定的大网IP

实现目标：当大网用户访问该liunx服务器的大网IP时，直接转向到局域网的另一台WEB服务器上
参照以前的帖子：
假定内IP提供服务的主机IP为1.1.1.1，提供互联网代理的主机外网IP为2.2.2.2

/sbin/iptables -t nat -A POSTROUTING -s 1.1.1.1 -o eth0 -j SNAT --to 2.2.2.2
/sbin/iptables -t nat -A PREROUTING -p tcp -d 2.2.2.2 --dport 80 -i eth0 -j DNAT --to 1.1.1.1


结果出现错误：
ERROR
The requested URL could not be retrieved

--------------------------------------------------------------------------------

While trying to retrieve the URL: /

The following error was encountered:

Invalid URL
Some aspect of the requested URL is incorrect. Possible problems:

Missing or incorrect access protocol (should be `http://'' or similar)
Missing hostname
Illegal double-escape in the URL-Path
Illegal character in hostname; underscores are not allowed
Your cache administrator is root.



--------------------------------------------------------------------------------
Generated Mon, 22 Jan 2007 01:13:37 GMT by localhost (Squid/2.4.STABLE7)

请问是什么原因？

squid如下：

visible_hostname localhost
http_port 80
cache_mem 76 MB
cache_swap_low 80
cache_swap_high 95

hierarchy_stoplist cgi-bin ?
half_closed_clients off
hierarchy_stoplist -i ^https:\\ ?
acl QUERY urlpath_regex -i cgi-bin \? \.asp \.php \.jsp \.cgi
acl denyssl urlpath_regex -i ^https:\\
no_cache deny QUERY
no_cache deny denyssl

ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024

ftp_user Squid@
ftp_passive on

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl manager proto cache_object

acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
#acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
http_access deny !Safe_ports

acl SSL_ports port 443 563 8601
acl CONNECT method CONNECT
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager

http_access allow localhost

# And finally deny all other access to this proxy
#never_direct allow all


acl ken src 1.1.1.2
http_access allow ken



http_access deny all


icp_access allow all

透明代理不是需要加上以下一句么:
httpd_accel_host virtual
httpd_accel_port 80

ahking

我修改了端口,squid不报错了,但提示无法找到服务器
/sbin/iptables -t nat -A POSTROUTING -s 1.1.1.1 -o eth0 -j SNAT --to 2.2.2.2
/sbin/iptables -t nat -A PREROUTING -p tcp -d 2.2.2.2 --dport 8000 -i eth0 -j DNAT --to 1.1.1.1:8000

kenduest

原帖由 ahking 于 2007-2-14 11:37 发表于 6楼  
我修改了端口,squid不报错了,但提示无法找到服务器
/sbin/iptables -t nat -A POSTROUTING -s 1.1.1.1 -o eth0 -j SNAT --to 2.2.2.2
/sbin/iptables -t nat -A PREROUTING -p tcp -d 2.2.2.2 --dport 8000 - ...

squid faq 已经告诉你 transparent proxy 要改哪些组态了...

http://man.chinaunix.net/newsoft/squid/Squid_FAQ/FAQ-17.html

你设定档案来看，是没有调整支援到 transparent proxy 所需参数配置。

还有一个问题不要到处张贴，因为回覆的时候到底要贴哪篇呢 ?

--

ahking

请以这个为主吧,把另外的删除不会扣分吧!

我不是要做透明代理啊,我是想做一个web服务转向的功能,当用户在浏览器中以 http://ip:8000的方式访问该机时,让其转到另外一台web服务器上

kenduest

原帖由 ahking 于 2007-2-14 14:14 发表于 8楼  
请以这个为主吧,把另外的删除不会扣分吧!
我不是要做透明代理啊,我是想做一个web服务转向的功能,当用户在浏览器中以 http://ip:8000的方式访问该机时,让其转到另外一台web服务器上

可以阅读 squid guide 文件:

http://www.visolve.com/squid/whitepapers/reverseproxy.php

--

ahking

不能用iptables实现么?