Le lundi 28 novembre 2011 à 12:05 +1300, Amos Jeffries a écrit :
> On Sun, 27 Nov 2011 23:36:23 +0100, David Touzeau wrote:
> > Dear
> >
> > I have this squid version :
> >
> > Squid Cache: Version 3.2.0.13-20111125-r11436
> > configure options: '--prefix=/usr' '--includedir=/include'
> > '--mandir=/share/man' '--infodir=/share/info' '--localstatedir=/var'
> > '--libexecdir=/lib/squid3' '--disable-maintainer-mode'
> > '--disable-dependency-tracking' '--srcdir=.'
> > '--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3'
> > '--enable-gnuregex' '--enable-forward-log'
> > '--enable-removal-policy=heap' '--enable-follow-x-forwarded-for'
> > '--enable-http-violations' '--enable-large-cache-files'
> > '--enable-removal-policies=lru,heap' '--enable-err-languages=English'
> > '--enable-default-err-language=English' '--with-maxfd=32000'
> > '--with-large-files' '--disable-dlmalloc' '--with-pthreads'
> > '--enable-esi' '--enable-storeio=aufs,diskd,ufs,rock'
> > '--with-aufs-threads=10' '--with-maxfd=16384'
> > '--enable-x-accelerator-vary' '--with-dl' '--enable-truncate'
> > '--enable-linux-netfilter' '--with-filedescriptors=16384'
> > '--enable-wccpv2' '--enable-eui' '--enable-auth'
> > '--enable-auth-basic'
> > '--enable-auth-digest' '--enable-auth-negotiate-helpers'
> > '--enable-log-daemon-helpers' '--enable-url-rewrite-helpers'
> > '--enable-auth-ntlm' '--with-default-user=squid'
> > '--enable-icap-client'
> > '--enable-cache-digests' '--enable-icap-support' '--enable-poll'
> > '--enable-epoll' '--enable-async-io' '--enable-delay-pools'
> > 'CFLAGS=-DNUMTHREADS=60 -O3 -pipe -fomit-frame-pointer -funroll-loops
> > -ffast-math -fno-exceptions'
> >
> > I cannot browse trough Internet and receive many errors in syslog :
> >
> > Nov 27 23:32:57 gibrat squid[15355]: SECURITY ALERT: By user agent:
> > Opera/9.80 (X11; Linux i686; U; fr) Presto/2.9.168 Version/11.52
> > Nov 27 23:32:57 gibrat squid[15355]: SECURITY ALERT: on URL:
> > http://192.168.1.1:49152/rootDesc.xml
> > Nov 27 23:32:59 gibrat squid[15355]: SECURITY ALERT: By user agent:
> > Opera/9.80 (X11; Linux i686; U; fr) Presto/2.9.168 Version/11.52
> > Nov 27 23:32:59 gibrat squid[15355]: SECURITY ALERT: on URL:
> > http://clients1.google.com/complete/search?q=no-ip&client=opera&hl=fr
> >
> > Is it normal ??
>
> These are the 2nd and 3rd lines of a "Host: header forgery" alert. The
> first line explains what is being detected as wrong, these are the
> supporting data to help track it down.
>
> Having just read your config details in the other thread, I expect this
> is caused by a combination of your incomplete iptables NAT intercept
> rules, and testing by configuring the browser to use the proxy NAT port
> directly. That type of setup is dangerous and can expect this rejection
> in 3.2.
>
> Amos
>
Amos,
I would like to thank you about your technical answers and your huge
squid technical skills.
Your answers resolve my issue easly !! I'm your fan !
Received on Mon Nov 28 2011 - 18:28:58 MST
This archive was generated by hypermail 2.2.0 : Tue Nov 29 2011 - 12:00:03 MST