www/squid: reconsider enabling all options
Nick Rogers
ncrogers at gmail.com
Mon Apr 25 22:32:25 UTC 2016
Hello,
I just recompiled my www/squid port to the latest 3.5.17 version. Prior to
this I was running 3.5.14. I immediately noticed that my transparent proxy
setup via PF was broken and throwing a "Forwarding loop detected" error in
the logs.
I then noticed the following recent commit which enables all options/knobs
that do not require dependencies:
https://svnweb.freebsd.org/ports?view=revision&revision=412287
This change enables the ipf-transparent (TP_IP), ipfw-transparent (TP_IPF),
and pf-transparent (TP_PF) options at the same time, and turned out to be
the root of my "redirection loop" problem.
I am unclear why, but in my experience these options have always been
incompatible with each other, which is why in previous versions of the
www/squid port and its prior iterations these knobs have always been
disabled by default. I've always explicitly enabled TP_PF in my make.conf.
I was able to fix my issue by recompiling without the TP_IP and TP_IPF
options, but I believe more thought/discussion should be given to all the
new options that are now enabled by default in the port.
Thanks!
-Nick
More information about the freebsd-ports
mailing list