On 24/07/2013 4:37 p.m., PSA4444 wrote:
> I am running a squid reverse proxy in a DMZ which allows the outside world to
> access several websites I am hosting. One of these websites is a nagios
> server.
>
> Everything has been working well for months but this morning, users were not
> able to access the nagios site.
>
> Nobody has changed anything on either server for months. This is being
> logged in access.log:
>
> xx.xx.xx.xx TCP_MISS/403 680 GET http://nagios.blah.com/nagios -
> FIRSTUP_PARENT/yy.yy.yy.yy text/html
> xx.xx.xx.xx TCP_MISS/403 680 GET http://nagios.blah.com/favicon.ico -
> FIRSTUP_PARENT/yy.yy.yy.yy text/html
>
> xx.xx.xx.xx = source IP
> yy.yy.yy.yy = unknown ip
>
> Relevant entry:
>
> #Nagios
> cache_peer nagios.blah.com parent 80 0 no-query originserver name=nag
> login=PASSTHRU
> acl sites_nag dstdomain nagios.blah.com
> cache_peer_access nag allow sites_nag firstclient
> cache_peer_access nag allow sites_nag secondclient
> cache_peer_access nag deny publicall
> acl https proto https
> http_access allow all
>
> I have a hosts file entry pointing the squid server to the local nagios
> server.
>
> 10.0.1.23 nagios.blah.com
>
> Connecting directly to this via squid using the links browser works.
> Connecting directly to the nagios server via firefox within the network also
> works.
> I have tried restarting squid and the apache service on the nagios server.
>
> Any idea what's wrong, why this suddenly started happening and how to fix
> it?
If you have more than one cache_peer directive in use the above snippet
of your config file may *not* be the relevant config line. Particularly
if yy.yy.yy.yy is not 10.0.1.23. Apparently yy.yy.yy.yy is an IP address
of *one* of your cache_peer entries. The cache manager "ipcache" report
should be able to tell you which one.
Amos
Received on Wed Jul 24 2013 - 17:51:21 MDT
This archive was generated by hypermail 2.2.0 : Thu Jul 25 2013 - 12:00:10 MDT