squid прозрачное проксирование

так вот....
конфиг сквида

http_port 3128

dns_nameservers 192.168.49.100
redirect_children 20
redirect_rewrites_host_header on
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 8 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_dir ufs /var/cache/squid/ 100 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
emulate_httpd_log off
#mime_table /usr/local/etc/squid/mime.conf
log_fqdn off
ftp_user 
ftp_list_width 32
ftp_passive on
request_header_max_size 20 KB
request_body_max_size 0 KB
refresh_pattern ^ftp:		   1440	20%	 10080
refresh_pattern ^gopher:		1440	0%	  1440
refresh_pattern .			   0	   20%	 4320
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 1 minute
range_offset_limit 0 KB
forward_timeout 4 minutes
connect_timeout 1 minute
peer_connect_timeout 30 seconds
read_timeout 15 minutes
request_timeout 5 minutes
persistent_request_timeout 1 minute
client_lifetime 1 day
half_closed_clients on
pconn_timeout 120 seconds
ident_timeout 10 seconds
shutdown_lifetime 30 seconds

acl our_networks src 172.16.16.0/24
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80		  # http
acl Safe_ports port 21		  # ftp
acl Safe_ports port 443 563	 # https, snews
acl Safe_ports port 70		  # gopher
acl Safe_ports port 210		 # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280		 # http-mgmt
acl Safe_ports port 488		 # gss-http
acl Safe_ports port 591		 # filemaker
acl Safe_ports port 777		 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access allow our_networks
http_access deny all

http_reply_access allow all
icp_access allow all
miss_access allow all

reply_header_max_size 20 KB
reply_body_max_size 0 allow all

mail_program mail
cache_mgr 
cache_effective_user squid
cache_effective_group squid
announce_host squid
announce_port 3128

httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_single_host on
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
httpd_accel_no_pmtu_disc off

logfile_rotate 10
tcp_recv_bufsize 0 bytes
memory_pools on
memory_pools_limit 5 MB

#delay_pools 1
#delay_class 1 2
#delay_parameters 1 -1/-1 20000/20000
#delay_access 1 allow our_networks
#delay_access 1 deny all

forwarded_for on
client_db on
netdb_low 900
netdb_high 1000
netdb_ping_period 5 minutes
icon_directory /usr/share/squid/icons
global_internal_static on
error_directory /usr/share/squid/errors/Russian-1251
maximum_single_addr_tries 1
incoming_icp_average 6
incoming_http_average 4
incoming_dns_average 4
min_icp_poll_cnt 8
min_dns_poll_cnt 8
min_http_poll_cnt 8
max_open_disk_fds 0
offline_mode off
uri_whitespace strip
coredump_dir /var/cache/squid
redirector_bypass off
ignore_unknown_nameservers on
request_entities off
high_response_time_warning 0
high_page_fault_warning 0
high_memory_warning 0
vary_ignore_expire off
sleep_after_fork 0
relaxed_header_parser on

логи скида:

1169676072.570	 20 172.16.16.223 TCP_DENIED/400 1697 GET error:invalid-request - NONE/- text/html

1169676073.937	  0 172.16.16.223 TCP_DENIED/400 2176 GET error:invalid-request - NONE/- text/html

и вот че говорит в браузере:

ОШИБКА

Запрошенный URL не может быть доставлен.


Во время обработки запроса:


GET / HTTP/1.1

Host: www.yandex.ru

User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; ru; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1

Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5

Accept-Language: ru-ru,ru;q=0.8,en-us;q=0.5,en;q=0.3

Accept-Encoding: gzip,deflate

Accept-Charset: windows-1251,utf-8;q=0.7,*;q=0.7

Keep-Alive: 300

Connection: keep-alive

Referer: http://ya.ru/

Cookie: yabs-frequency=1289840@20070124-28.1:1994458@20070122-7.1:1967751@20070121-28.1:1982773@20070120-7.1:1954230@20070120-7.2:1611198@20070110-28.X:765223@20070110-28.1:1583221@20061229-28.3:828351@20061229-28.1:1774906@20061230-28.2:952805@20061230-28.1:1946737@20070115-14.6:1982808@20070120-7.1:1960948@20070122-7.1:1044685@20070124-1.1:1650873@20070124-7.3:828843@20070124-1.1:1978323@20070124-7.2:P676@20070124.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1:P677@20070124.2.0.4.3.4.0.0.0.0.1.2.0.0.1.2.1.0.1.1.1.0.0.0.0.0.3.1.1; yandexuid=5272461164726426

If-Modified-Since: Wed, 24 Jan 2007 13:49:10 GMT




Произошла следующая ошибка:


	* Неверный запрос. 


Некоторые аспекты HTTP запроса неправильны. Возможные проблемы:


	* Отсутствует либо неизвестен метод запроса (GET, POST)

	* Отсутствует URL

	* Отсутствует HTTP идентификатор (HTTP/1.0)

	* Запрос слишком велик

	* Не указан Content-Length для запросов POST или PUT

	* Недопустимый символ в имени сервера; подчеркивания недопустимы 



Generated Wed, 24 Jan 2007 22:01:13 GMT by gate.sh936.lan (squid/2.6.STABLE4) 

ну дык и последнее

gate / # /etc/init.d/squid reload

 * Reloading squid ...

2007/01/25 01:13:26| parseConfigFile: line 94 unrecognized: 'httpd_accel_port 80'

2007/01/25 01:13:26| parseConfigFile: line 95 unrecognized: 'httpd_accel_host virtual'

2007/01/25 01:13:26| parseConfigFile: line 96 unrecognized: 'httpd_accel_single_host on'

2007/01/25 01:13:26| parseConfigFile: line 97 unrecognized: 'httpd_accel_with_proxy on'

2007/01/25 01:13:26| parseConfigFile: line 98 unrecognized: 'httpd_accel_uses_host_header on'

2007/01/25 01:13:26| WARNING cache_mem is larger than total disk cache space!	   

че то не нравятся ему такие строки =(