Hello,
please CC me on any follow ups as I no longer receive squid list emails.
thank you very much.
I have been using squid since the beginning of time (1999) and this is
the first show stopper I have ran into, nice work!!
Over the weekend we changed ISPs. the only thing changed on the network
was the physical ISP router the firewall was connected to, the
firewall was given a new IP on its external interface (ACLs remained the
same), the DMZ and internal hosts/network had no changes, excluding
DNS changes on the external DNS server, which does not service internal
queries. Both the old and new Internet solution came to us over multi
T1s (using OSPF to load share).
We tested over the weekend, everything seemed fine. From external
sites we could hit all of our DMZ services, from internally we could
send mail, everything else worked as expected also. I assumed because
we could load external web sites, all was well and time to go home.
Today, Monday, when I came into work there were several emails about
sites not loading. The common thing amount these sites was they seemed
to want to POST something. For example, you can not log onto webmail
servers using squirrelmail at all, gmail allows you to log on but not
send mail, yahoo mail is broken in the same way, and many other sites
will not load if they have forms or similar.
If I remove the proxy config from my browser, go direct to the site,
things work.
Any idea? attached is a tar.gz of the squid logs, the production squid
server is 2.5.STABLE8, and I just set up and tested 2.5.STABLE13 on
another server, same results. the logs are from the new proxy setup.
Below is a part of the debug log where it looks as if things might start
to go south (this is after restarting squid in debug mode:: squid -k
debug):
all the below has the same time stamp: 2006/04/10 13:08:06
comm_poll: FD 15 ready for writing
commHandleWrite: FD 15: off 0, sz 87.
commHandleWrite: write() returns 87
cbdataValid: 0x84d3340
httpSendRequestEntry: FD 15: size 87: errflag 0.
httpSendRequestEntryDone: FD 15
httpSendRequestEntryDone: No brokenPosts list
httpSendComplete: FD 15: size 0: errflag 0.
commSetTimeout: FD 15 timeout 900
cbdataUnlock: 0x84d3340
comm_poll: 1+0 FDs ready
comm_poll: FD 15 ready for reading
httpReadReply: FD 15: len -1.
httpReadReply: FD 15: read failure: (104) Connection reset by peer.
fwdFail: ERR_READ_ERROR "Bad Gateway"
http://notes.fqdn.com/src/redirect.php
comm_close: FD 15
commCallCloseHandlers: FD 15
commCallCloseHandlers: ch->handler=0x807e350
cbdataValid: 0x84d3340
storeUnlockObject: key 'BA8D1FD8AECCBFEFC149B8D63E0D93C6' count=2
cbdataFree: 0x84d3340
cbdataFree: 0x84d3340 has 1 locks, not freeing
cbdataUnlock: 0x84d3340
cbdataUnlock: Freeing 0x84d3340
commCallCloseHandlers: ch->handler=0x8071a30
cbdataValid: 0x84d28e0
fwdServerClosed: FD 15 http://notes.fqdn.com/src/redirect.php
fwdStateFree: 0x84d28e0
storeLockObject: key 'BA8D1FD8AECCBFEFC149B8D63E0D93C6' count=3
creating rep: 0x84d7190
init-ing hdr: 0x84d71d0 owner: 2
0x84d71d0 lookup for 38
0x84d71d0 lookup for 9
0x84d71d0 lookup for 22
errorConvert: %U --> 'http://notes.fqdn.com/src/redirect.php'
errorConvert: %U --> 'http://notes.fqdn.com/src/redirect.php'
errorConvert: %E --> '(104) Connection reset by peer'
errorConvert: %w --> '5555@dkp.com'
errorConvert: %w --> '5555@dkp.com'
errorConvert: %T --> 'Mon, 10 Apr 2006 17:08:06 GMT'
errorConvert: %h --> 'new0.dkp.com'
errorConvert: %s --> 'squid/2.5.STABLE13'
errorConvert: %S --> '
<BR clear="all">
<HR noshade size="1px">
<ADDRESS>
Generated Mon, 10 Apr 2006 17:08:06 GMT by new0.dkp.com (squid/2.5.STABLE13)
</ADDRESS>
</BODY></HTML>
'
This archive was generated by hypermail pre-2.1.9 : Mon May 01 2006 - 12:00:02 MDT