Squid3 http 问题

tag-icon tag-icon debian squid
Squid3 http 问题

我在我的 MyBookLive (Debian Squeeze) 上运行了 Squid3。我成功安装了 Squid3,但是一段时间后它会停止提供 http 请求,但 https 仍然有效。 如果我检查 access.log,我会多次看到类似这样的内容:

1395679077.078   5250 10.0.0.2 TCP_MISS/000 0 GET http://10.0.0.2:3128/space - DIRECT/10.0.0.2 -
1395679077.080   5250 10.0.0.2 TCP_MISS/000 0 GET http://10.0.0.2:3128/space - DIRECT/10.0.0.2 -
1395679077.083   5250 10.0.0.2 TCP_MISS/000 0 GET http://10.0.0.2:3128/space - DIRECT/10.0.0.2 -
1395679077.083   5247 10.0.0.2 TCP_MISS/000 0 GET http://10.0.0.2:3128/space - DIRECT/10.0.0.2 -
1395679077.084   5245 10.0.0.2 TCP_MISS/000 0 GET http://10.0.0.2:3128/space - DIRECT/10.0.0.2 -
1395679077.085   5243 10.0.0.2 TCP_MISS/000 0 GET http://10.0.0.2:3128/space - DIRECT/10.0.0.2 -

如果我继续刷新,则日志中不会添加任何内容,所以这让我相信 Squid3 没有收到任何东西。

此外,我使用默认的 Squid3 配置并进行了以下编辑:

http_port 3128 transparent
acl localnet src 10.0.0.0/24
http_access allow localnet
http_access allow localhost

以下是粘贴的完整配置文件:http://pastebin.com/5pvR7dYY

编辑

缓存.日志:

2014/03/24 17:37:56| IpIntercept.cc(137) NetfilterInterception:  NF getsockopt(SO_ORIGINAL_DST) failed on FD 1912: (92) Protocol not available
2014/03/24 17:37:56| WARNING: Forwarding loop detected for:
GET /space HTTP/1.1
Host: 10.0.0.2:3128
Via: 1.0 server01 (squid/3.1.6), 1.1 server01 (squid/3.1.6), 1.1 server01 (squid/3.1.6), 1.1 server01 (squid/3.1.6), 1.1 server01 (squid/3.1.6), 1.1 server01 (sq$
X-Forwarded-For: 10.0.0.1, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0.0.2, 10.0$
Cache-Control: max-age=259200
Connection: keep-alive

我的 dd-wrt ​​路由器中的 iptables:

PROXY_IP=10.0.0.2
PROXY_PORT=3128
LAN_IP=`nvram get lan_ipaddr`
LAN_NET=$LAN_IP/`nvram get lan_netmask`

iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT
iptables -t nat -I POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP
iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT

相关内容