David Sune Palsgaard wrote:
> I have a big problem ... to times whit in the to last days I have
> experience that there coming a lot of data from one site to the
> firewall (squid and ipchance), but nearly nothing is coming fro to
> the internal LAN. the problem as I can se it is that no one is
> requesting the date... On the first occurrence it was www traffic on
> the other occasion it was ftp traffic. The problem is that it is
> totally blocking our 512 kbit line ...
> incoming traffic to the firewall is 500 - 512 kbit but outgoing to
> the internal LAN is only 70 - 80 kbit
There are two known bugs/misfeatures in Squid where this might happen
that fits your descriptions.
a) HEAD for ftp:// objects
b) Range requests for objects where the origin server does not support
ranges.
Patches are available from
http://squid.sourceforge.net/hno/patch-2.3.html
Also make sure quick_abort is tuned to properly abort aborted requests,
and that half_closed_clients is turned off. This helps in getting
runaway requests terminated when the user gives up.
-- Henrik Nordstrom Squid hackerReceived on Thu May 18 2000 - 14:13:06 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:53:32 MST