sorry for forgetting to mention squid version it's 3.1.11
the POST access.logs (for sample making a grep for only POST requests) are
1337667519.252 822 192.168.12.100 TCP_MISS/200 2122 POST http://ocsp.verisign.com/ - DIRECT/199.7.57.72 application/ocsp-response
1337667534.962 505 192.168.12.100 TCP_MISS/200 1078 POST http://ocsp.usertrust.com/ - DIRECT/178.255.83.1 application/ocsp-response
1337667536.532 1440 192.168.12.100 TCP_MISS/200 2331 POST http://ocsp.entrust.net/ - DIRECT/216.191.247.139 application/ocsp-response
1337670608.843 996 192.168.12.100 TCP_MISS/200 6683 POST http://us.mc1256.mail.yahoo.com/mc/compose? - DIRECT/66.196.66.156 text/html
1337670695.523 675 192.168.12.100 TCP_MISS/200 982 POST http://ocsp.digicert.com/ - DIRECT/69.36.162.242 application/ocsp-response
1337670696.642 597 192.168.12.100 TCP_MISS/200 982 POST http://ocsp.digicert.com/ - DIRECT/69.36.162.242 application/ocsp-response
1337670696.915 556 192.168.12.100 TCP_MISS/200 982 POST http://ocsp.digicert.com/ - DIRECT/69.36.162.242 application/ocsp-response
1337670809.875 460 192.168.12.100 TCP_MISS/200 995 POST http://arabia.msn.com/GeneralMethod.aspx/GetWeather - DIRECT/41.178.51.12 application/json
1337670817.995 782 192.168.12.100 TCP_MISS/200 2164 POST http://ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response
1337670818.160 955 192.168.12.100 TCP_MISS/200 2164 POST http://ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response
1337670825.073 655 192.168.12.100 TCP_MISS/200 982 POST http://ocsp.digicert.com/ - DIRECT/69.36.162.242 application/ocsp-response
1337670828.705 3573 192.168.12.100 TCP_MISS/200 982 POST http://ocsp.digicert.com/ - DIRECT/69.36.162.242 application/ocsp-response
1337670830.291 1028 192.168.12.100 TCP_MISS/200 2295 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response
1337670830.291 830 192.168.12.100 TCP_MISS/200 2295 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response
1337670830.901 493 192.168.12.100 TCP_MISS/200 2295 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response
1337670830.925 484 192.168.12.100 TCP_MISS/200 2295 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response
1337670831.044 479 192.168.12.100 TCP_MISS/200 2434 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response
1337670831.538 485 192.168.12.100 TCP_MISS/200 2434 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response
1337670831.568 484 192.168.12.100 TCP_MISS/200 2434 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response
1337670831.649 483 192.168.12.100 TCP_MISS/200 2434 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response
1337670884.703 525 192.168.12.100 TCP_MISS/200 788 POST http://www.4shared.com/javascriptRedirect.jsp - DIRECT/74.117.178.89 text/html
1337670930.970 636 192.168.12.100 TCP_MISS/200 581 POST http://www.4shared.com/rest/sharedFileUpload/create? - DIRECT/74.117.178.89 application/json
1337671057.835 124619 192.168.12.100 TCP_MISS/000 0 POST http://dc588.4shared.com/main/upload5.jsp? - DIRECT/204.155.149.57 -
1337671097.683 468715 192.168.12.100 TCP_MISS/502 1470 POST http://ne1.attach.mail.yahoo.com/us.f1256.mail.yahoo.com/ya/upload? - DIRECT/98.138.79.63 text/html
1337671201.785 745 192.168.12.100 TCP_MISS/200 367 POST http://www.4shared.com/rest/sharedFileUpload/error - DIRECT/74.117.178.89 application/json
1337671368.951 166333 192.168.12.100 TCP_MISS/000 0 POST http://dc588.4shared.com/main/upload5.jsp? - DIRECT/204.155.149.57 -
1337671420.455 656 192.168.12.100 TCP_MISS/200 1032 POST http://stats.avg.com/services/toolbar_updater.aspx - DIRECT/23.45.247.117 text/xml
1337671435.492 367 192.168.12.100 TCP_MISS/302 584 POST http://stats.avg.com/Services/ssf.asmx/GetFile - DIRECT/23.45.247.117 -
please if the rule
> > acl my_network src 192.168.12.0/24
> > http_access allow my_network
is removed how can i allow this ip to enter the squid cacheserver.
i read that /000 mean the connection is aborted, the connection is aborted when the upload is down,
i will add the "http_access deny all"
thanks with my best regards
--- On Mon, 5/21/12, Amos Jeffries <squid3@treenet.co.nz> wrote:
> From: Amos Jeffries <squid3@treenet.co.nz>
> Subject: Re: [squid-users] problem with upload
> To: squid-users@squid-cache.org
> Date: Monday, May 21, 2012, 11:57 PM
> On 22.05.2012 06:18, Mustafa Raji
> wrote:
> > hi
> > i have squid cache server configured in the intercept
> mode. i have a
> > problem when i upload to websites, some time i can
> upload normally and
> > other time when i upload a file to the internet the
> uploading process
> > does not complete and the upload reduced to 0 kB
> > please can any one help me. is there any way that squid
> effects on
> > uploading data. the configuration file is
>
> No Squid does not affect the upload data. It is relayed as
> received.
>
> You will need to identify the difference between POST/PUT
> requests which are succeeding and those which are failing.
> This may require a TCP packet trace from between the clients
> and Squid (use "tcpdump -s 0 ..." to get all the headers).
> I suspect you will find the HTTP/1.1 Expect feature being
> sent in the failing requests (no body data gets sent until
> after a timeout or 100 / 417 message exchange).
>
> Please also identify which Squid release number you are
> using.
>
>
> >
> > acl my_network src 192.168.12.0/24
> > http_access allow my_network
> >
>
> The above rule should really be down ... ---->
>
> > #squid default acl configuration
> > acl manager proto cache_object
> > acl localhost src 127.0.0.1/32
> > acl to_localhost dst 127.0.0.0/8
> > acl Safe_ports port 80
> > acl Safe_ports port 21
> > acl Safe_ports port 443
> > acl Safe_ports port 70
> > acl Safe_ports port 210
> > acl Safe_ports port 1025-65535
> > acl Safe_ports port 280
> > acl Safe_ports port 488
> > acl Safe_ports port 591
> > acl Safe_ports port 777
> > acl SSL_ports port 443 563
> >
> > acl CONNECT method CONNECT
> > http_access deny !Safe_ports
> > http_access deny CONNECT !SSL_ports
> > http_access allow manager localhost
> > http_access deny manager !localhost
>
>
> ---> ... here. Below the security protection rules
> that prevent network attacks.
>
> NOTE: Having the last rule in your config a "deny ..." rule
> means anything not already blocked is allowed.
> You should finish the http_access rules with
> "http_access deny all"
>
> >
> > http_port 3128 intercept
> > http_port 8181
> >
> > client_persistent_connections off
> > server_persistent_connections off
> > cache_effective_user proxy
> > coredump_dir /var/coredump
> >
> > #define cache replacement policy
> > memory_replacement_policy heap GDSF
> > cache_replacement_policy heap LFUDA
>
> Amos
>
Received on Tue May 22 2012 - 11:39:37 MDT
This archive was generated by hypermail 2.2.0 : Tue May 22 2012 - 12:00:04 MDT