richard-lists at esplins.org
Sat Mar 27 12:08:32 MDT 2010
I'm using Dansguardian via Squid as a transparent proxy on my home network. I have had a handful of problems, and wanted to see if anyone has some insight to share.
* Debian Lenny (upgraded from Etch)
* Squid 2.7
* Dansguardian 126.96.36.199
* IPTables does a DNAT redirect of all port 80 traffic through squid and dans
Problem 1: ibm.com/developerworks
I get this Firefox error:
"Content Encoding Error
The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression."
Google suggested that the server is improperly responding to my encoding header, and that I could solve it by adding to squid.conf:
# Fix broken sites by removing Accept-Encoding header
acl broken dstdomain .ibm.com
header_access Accept-Encoding deny broken
This did solve the error, as now I just get a blank page.
It is not an ACLs problem, as "http_access allow all" does not solve the error.
The page loads fine if I tell IPTables to stop sending traffic through squid.
What can I do to make squid play nicely with this site?
Problem 2: Hulu and Fox.com
I get blocked at Hulu and Fox if I am using Squid. The error at Fox is:
"The video you are trying to watch cannot be viewed from your current country or location."
Hulu tells me:
"Based on your IP address, we noticed you are trying to access Hulu through an anonymous proxy tool."
By the way, after enough errors at Hulu it appears that they permanently block you. I now get the same error with Squid disabled, and I get no response from their support team.
At first I thought it was the Via header, so I disabled it. It doesn't solve the error. I then tried to tell squid to not cache the sites by putting:
acl streaming_video urlpath_regex .hulu.com
acl streaming_video urlpath_regex .fox.com
no_cache deny streaming_video
near the top of the TAG: cache section of squid.conf. I get the same error at Fox.com (which works with Squid disabled).
Any thing else I should try?
More information about the PLUG