Re: [squid-users] problem with upload

From: Mustafa Raji <mustafa.raji_at_yahoo.com>
Date: Tue, 22 May 2012 04:39:30 -0700 (PDT)

sorry for forgetting to mention squid version it's 3.1.11 the POST access.logs (for sample making a grep for only POST requests) are 1337667519.252 822 192.168.12.100 TCP_MISS/200 2122 POST http://ocsp.verisign.com/ - DIRECT/199.7.57.72 application/ocsp-response 1337667534.962 505 192.168.12.100 TCP_MISS/200 1078 POST http://ocsp.usertrust.com/ - DIRECT/178.255.83.1 application/ocsp-response 1337667536.532 1440 192.168.12.100 TCP_MISS/200 2331 POST http://ocsp.entrust.net/ - DIRECT/216.191.247.139 application/ocsp-response 1337670608.843 996 192.168.12.100 TCP_MISS/200 6683 POST http://us.mc1256.mail.yahoo.com/mc/compose? - DIRECT/66.196.66.156 text/html 1337670695.523 675 192.168.12.100 TCP_MISS/200 982 POST http://ocsp.digicert.com/ - DIRECT/69.36.162.242 application/ocsp-response 1337670696.642 597 192.168.12.100 TCP_MISS/200 982 POST http://ocsp.digicert.com/ - DIRECT/69.36.162.242 application/ocsp-response 1337670696.915 556 192.168.12.100 TCP_MISS/200 982 POST http://ocsp.digicert.com/ - DIRECT/69.36.162.242 application/ocsp-response 1337670809.875 460 192.168.12.100 TCP_MISS/200 995 POST http://arabia.msn.com/GeneralMethod.aspx/GetWeather - DIRECT/41.178.51.12 application/json 1337670817.995 782 192.168.12.100 TCP_MISS/200 2164 POST http://ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response 1337670818.160 955 192.168.12.100 TCP_MISS/200 2164 POST http://ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response 1337670825.073 655 192.168.12.100 TCP_MISS/200 982 POST http://ocsp.digicert.com/ - DIRECT/69.36.162.242 application/ocsp-response 1337670828.705 3573 192.168.12.100 TCP_MISS/200 982 POST http://ocsp.digicert.com/ - DIRECT/69.36.162.242 application/ocsp-response 1337670830.291 1028 192.168.12.100 TCP_MISS/200 2295 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response 1337670830.291 830 192.168.12.100 TCP_MISS/200 2295 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response 1337670830.901 493 192.168.12.100 TCP_MISS/200 2295 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response 1337670830.925 484 192.168.12.100 TCP_MISS/200 2295 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response 1337670831.044 479 192.168.12.100 TCP_MISS/200 2434 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response 1337670831.538 485 192.168.12.100 TCP_MISS/200 2434 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response 1337670831.568 484 192.168.12.100 TCP_MISS/200 2434 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response 1337670831.649 483 192.168.12.100 TCP_MISS/200 2434 POST http://evsecure-ocsp.verisign.com/ - DIRECT/199.7.52.72 application/ocsp-response 1337670884.703 525 192.168.12.100 TCP_MISS/200 788 POST http://www.4shared.com/javascriptRedirect.jsp - DIRECT/74.117.178.89 text/html 1337670930.970 636 192.168.12.100 TCP_MISS/200 581 POST http://www.4shared.com/rest/sharedFileUpload/create? - DIRECT/74.117.178.89 application/json 1337671057.835 124619 192.168.12.100 TCP_MISS/000 0 POST http://dc588.4shared.com/main/upload5.jsp? - DIRECT/204.155.149.57 - 1337671097.683 468715 192.168.12.100 TCP_MISS/502 1470 POST http://ne1.attach.mail.yahoo.com/us.f1256.mail.yahoo.com/ya/upload? - DIRECT/98.138.79.63 text/html 1337671201.785 745 192.168.12.100 TCP_MISS/200 367 POST http://www.4shared.com/rest/sharedFileUpload/error - DIRECT/74.117.178.89 application/json 1337671368.951 166333 192.168.12.100 TCP_MISS/000 0 POST http://dc588.4shared.com/main/upload5.jsp? - DIRECT/204.155.149.57 - 1337671420.455 656 192.168.12.100 TCP_MISS/200 1032 POST http://stats.avg.com/services/toolbar_updater.aspx - DIRECT/23.45.247.117 text/xml 1337671435.492 367 192.168.12.100 TCP_MISS/302 584 POST http://stats.avg.com/Services/ssf.asmx/GetFile - DIRECT/23.45.247.117 - please if the rule > > acl my_network src 192.168.12.0/24 > > http_access allow my_network is removed how can i allow this ip to enter the squid cacheserver. i read that /000 mean the connection is aborted, the connection is aborted when the upload is down, i will add the "http_access deny all" thanks with my best regards --- On Mon, 5/21/12, Amos Jeffries <squid3@treenet.co.nz> wrote: > From: Amos Jeffries <squid3@treenet.co.nz> > Subject: Re: [squid-users] problem with upload > To: squid-users@squid-cache.org > Date: Monday, May 21, 2012, 11:57 PM > On 22.05.2012 06:18, Mustafa Raji > wrote: > > hi > > i have squid cache server configured in the intercept > mode. i have a > > problem when i upload to websites, some time i can > upload normally and > > other time when i upload a file to the internet the > uploading process > > does not complete and the upload reduced to 0 kB > > please can any one help me. is there any way that squid > effects on > > uploading data. the configuration file is > > No Squid does not affect the upload data. It is relayed as > received. > > You will need to identify the difference between POST/PUT > requests which are succeeding and those which are failing. > This may require a TCP packet trace from between the clients > and Squid (use "tcpdump -s 0 ..." to get all the headers). > I suspect you will find the HTTP/1.1 Expect feature being > sent in the failing requests (no body data gets sent until > after a timeout or 100 / 417 message exchange). > > Please also identify which Squid release number you are > using. > > > > > > acl my_network src 192.168.12.0/24 > > http_access allow my_network > > > > The above rule should really be down ... ----> > > > #squid default acl configuration > > acl manager proto cache_object > > acl localhost src 127.0.0.1/32 > > acl to_localhost dst 127.0.0.0/8 > > acl Safe_ports port 80 > > acl Safe_ports port 21 > > acl Safe_ports port 443 > > acl Safe_ports port 70 > > acl Safe_ports port 210 > > acl Safe_ports port 1025-65535 > > acl Safe_ports port 280 > > acl Safe_ports port 488 > > acl Safe_ports port 591 > > acl Safe_ports port 777 > > acl SSL_ports port 443 563 > > > > acl CONNECT method CONNECT > > http_access deny !Safe_ports > > http_access deny CONNECT !SSL_ports > > http_access allow manager localhost > > http_access deny manager !localhost > > >   ---> ... here. Below the security protection rules > that prevent network attacks. > > NOTE: Having the last rule in your config a "deny ..." rule > means anything not already blocked is allowed. >   You should finish the http_access rules with > "http_access deny all" > > > > > http_port 3128 intercept > > http_port 8181 > > > > client_persistent_connections off > > server_persistent_connections off > > cache_effective_user proxy > > coredump_dir /var/coredump > > > > #define cache replacement policy > > memory_replacement_policy heap GDSF > > cache_replacement_policy heap LFUDA > > Amos >
Received on Tue May 22 2012 - 11:39:37 MDT

This archive was generated by hypermail 2.2.0 : Tue May 22 2012 - 12:00:04 MDT