Forwarding loop detected.

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Forwarding loop detected.

Suhaib Ahmad
Hello,

I've squid2.6 STABLE running as web-accelerator, on 'image' (having
ip:67.107.145.109) machine with parent configured as 192.168.7.1.
'image' machine is also the nameserver having 'hosts' file entry:

127.0.0.1       localhost.localdomain   localhost

The squid-cache stops working sometime throwing 'Forward loop
detected' warning in cache.log. Can anyone suggest the remedie.
Thanks.

---- squid.conf ----
http_port 80 transparent
cache_peer 192.168.7.1 parent 81 0 no-query originserver weight=1
http_access allow all
acl all src 0.0.0.0/0.0.0.0
icp_access allow all

---- cache.log ----
2007/06/05 20:42:35| WARNING: Forwarding loop detected for:
Client: 67.107.145.109 http_port: 67.107.145.109:80
GET http://image.bridgemailsystem.com/pms/graphics/6.05.07directresponse2r1(650x90).gif
HTTP/1.0
If-Modified-Since: Tue, 05 Jun 2007 15:15:59 GMT
If-None-Match: "19577-1181056559000"
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
User-Agent: www.clamav.net
Host: image.bridgemailsystem.com
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Via: 1.1 localhost.localdomain:80 (squid/2.6.STABLE12), 1.0
localhost.localdomain:80 (squid/2.6.STABLE12), 1.0
localhost.localdomain:80 (squid
/2.6.STABLE12), 1.0 localhost.localdomain:80 (squid/2.6.STABLE12), 1.0
localhost.localdomain:80 (squid/2.6.STABLE12), 1.0
localhost.localdomai
n:80 (squid/2.6.STABLE12), 1.0 localhost.localdomain:80
(squid/2.6.STABLE12), 1.0 localhost.localdomain:80
(squid/2.6.STABLE12), 1.0 localhost
.localdomain:80 (squid/2.6.STABLE12), 1.0 localhost.localdomain:80
(squid/2.6.STABLE12)

X-Forwarded-For: 24.164.28.34, 67.107.145.109, 67.107.145.109,
67.107.145.109, 67.107.145.109, 67.107.145.109, 67.107.145.109,
67.107.145.109,
 67.107.145.109, 67.107.145.109

Cache-Control: max-age=259200
Connection: keep-alive


Regards,
Suhaib
Reply | Threaded
Open this post in threaded view
|

Re: Forwarding loop detected.

Chris Robertson-2
Suhaib Ahmad wrote:

> Hello,
>
> I've squid2.6 STABLE running as web-accelerator, on 'image' (having
> ip:67.107.145.109) machine with parent configured as 192.168.7.1.
> 'image' machine is also the nameserver having 'hosts' file entry:
>
> 127.0.0.1       localhost.localdomain   localhost
>
> The squid-cache stops working sometime throwing 'Forward loop
> detected' warning in cache.log. Can anyone suggest the remedie.
> Thanks.
>
> ---- squid.conf ----
> http_port 80 transparent

http://wiki.squid-cache.org/SquidFaq/ReverseProxy#head-7fa129a6528d9a5c914f8dd5671668173e39e341

> cache_peer 192.168.7.1 parent 81 0 no-query originserver weight=1
> http_access allow all

Asking for abuse.

Interesting.  Using the originserver tagline to cache_peer seems to
prevent some of the obvious avenues.  But you should still at least
prevent CONNECT requests to ports other than 443, and any requests to
ports other than those labeled "Safe" in the default squid.conf.

> acl all src 0.0.0.0/0.0.0.0
> icp_access allow all
>
>

SNIP

Yup.  Looks like a forwarding loop.  Set up your accelerator properly,
and I imagine this will be resolved.
>
> Regards,
> Suhaib

Chris
Reply | Threaded
Open this post in threaded view
|

Re: Forwarding loop detected.

Henrik Nordström
tor 2007-06-07 klockan 11:22 -0800 skrev Chris Robertson:

> Interesting.  Using the originserver tagline to cache_peer seems to
> prevent some of the obvious avenues.

No, it's using one of the accelerator options on http_port which changes
the security profile, requiring the use of a cache_peer.

Regards
Henrik

signature.asc (316 bytes) Download Attachment