[squid-users] Re: Forwarding loop - array.dll

From: Henrik Nordstrom <[email protected]>
Date: Thu, 4 Apr 2002 09:13:47 +0200

Please use the sqiud-users mailinglist for Squid questions.

On Thursday 04 April 2002 05:00, Wei Keong wrote:
> Hi Henrik,
>
> I found these strange looking things in cache.log... Hope you can
> help me on these questions:
>
> 1) Is array.dll another virus? Should we include it in the
> virus list?

not that I know of.

> 2) We don't run MSProxy in our network, is someone running
> MSProxy trying to access our squid?

quite likely. See access.log.

> 3) If we were to only allow forwarding from the peers (in
> the same triangle), is the following config correct?

> 4) Will this config prevent unnecessary forwarding (more
> than one forwarding for a request)?
>
> # Peer caches
> cache_peer palo2.pacific.net.sg sibling 8080
> 3130 proxy-only no-query
> cache_peer palo3.pacific.net.sg sibling 8080
> 3130 proxy-only no-query
>
> # Prevent forwarding loops
> cache_peer_access palo2.pacific.net.sg allow
> palo1.pacific.net.sg cache_peer_access palo3.pacific.net.sg allow
> palo1.pacific.net.sg

No. You want to do it the other way. Deny forwarding to your peers if
the request is from any of them.

Also the directiveis ACL based.

> Cache.log
> ----------
> 2002/04/04 00:45:43| WARNING: Forwarding loop detected for:
> <different URLs> HTTP/1.0
> Via: 1.1 palo4.pacific.net.sg:8080 (Squid/2.4.STABLE4), 1.0
> palo1.pacific.net.sg:8080 (Squid/2.4.STABLE4), 1.0
> palo10.pacific.net.sg:8080 (Squid/2.4.STABLE4)

These loops is something you should deal with. It is not good to have
a setup where loops frequently occur.

Regards
Henrik
Received on Thu Apr 04 2002 - 00:33:31 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:20 MST