Hi all, We are having a problem with Squid and a Java applet in one of our in-house developed application. I've gone through the FAQ and searched through the mailing lists but I didn't find anything to remedy the problem. I'm using Squid 3.0.STABLE8, the version that comes with Debian Lenny. The issue is with a url with a .jsp file that takes certain parameters and launches a Java applet to upload a file from the client computer. We've recently switched from a iptables-only gateway to a new gateway with iptables+Squid, and that's when the issue started. The Java version used on the client computers is 1.6. There is no authentication and squid is set to work transparently. I've set an iptables rule that redirets all traffic to port 80 to port 3128 of Squid. When someone tries to access the URL, the Java console comes up with this error: cargar: clase com.zetti.web.util.FileUploader.class no encontrada. java.lang.ClassNotFoundException: com.zetti.web.util.FileUploader.class at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source) at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source) at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.io.IOException: open HTTP connection failed:http://ftweb-azul.zetti.com.ar/com/zetti/web/util/FileUploader/class.class at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) ... 7 more Excepción: java.lang.ClassNotFoundException: com.zetti.web.util.FileUploader.class The squid logs for the connection attempt show the following (the domain is different because the app is hosted in three different servers, but it's exactly the same): 1263992196.949 140 192.168.1.33 TCP_MISS/302 512 GET http://ftweb.ipg.com.ar/upload.jsp? - DIRECT/200.82.80.242 text/plain 1263992197.097 10 192.168.1.33 TCP_MISS/200 2047 GET http://ftweb.ipg.com.ar/upload.jsp? - DIRECT/200.82.80.242 text/html 1263992197.211 8 192.168.1.33 TCP_MISS/304 306 GET http://ftweb.ipg.com.ar/css/bodystyleIPG.css - DIRECT/200.82.80.242 - 1263992198.302 6 192.168.1.33 TCP_MISS/304 305 GET http://ftweb.ipg.com.ar/images/logoFTW.gif - DIRECT/200.82.80.242 - 1263992199.935 5 192.168.1.33 TCP_MISS/304 305 GET http://ftweb.ipg.com.ar/images/03_home.jpg - DIRECT/200.82.80.242 - 1263992199.940 9 192.168.1.33 TCP_MISS/304 305 GET http://ftweb.ipg.com.ar/images/logitoTrim.gif - DIRECT/200.82.80.242 - 1263992199.987 5 192.168.1.33 TCP_MISS/304 305 GET http://ftweb.ipg.com.ar/images/04_home.gif - DIRECT/200.82.80.242 - 1263992200.340 5 192.168.1.33 TCP_MISS/304 305 GET http://ftweb.ipg.com.ar/fileuploader.cab - DIRECT/200.82.80.242 - 1263992200.632 7 192.168.1.33 TCP_MISS/404 910 GET http://ftweb.ipg.com.ar/favicon.ico - DIRECT/200.82.80.242 text/html 1263992200.813 7 192.168.1.33 TCP_MISS/404 1198 GET http://ftweb.ipg.com.ar/com/zetti/web/util/FileUploaderBeanInfo.class - DIRECT/200.82.80.242 text/html 1263992200.901 10 192.168.1.33 TCP_MISS/404 1198 GET http://ftweb.ipg.com.ar/netscape/security/PrivilegeManager.class - DIRECT/200.82.80.242 text/html 1263992200.904 0 192.168.1.33 TCP_NEGATIVE_HIT/404 1207 GET http://ftweb.ipg.com.ar/netscape/security/PrivilegeManager.class - NONE/- text/html 1263992236.989 32 192.168.1.33 TCP_MISS/302 512 GET http://ftweb.ipg.com.ar/upload.jsp? - DIRECT/200.82.80.242 text/plain 1263992237.014 10 192.168.1.33 TCP_MISS/200 2049 GET http://ftweb.ipg.com.ar/upload.jsp? - DIRECT/200.82.80.242 text/html 1263992242.996 12 192.168.1.33 TCP_MISS/404 910 GET http://ftweb.ipg.com.ar/fileuploader.jar - DIRECT/200.82.80.242 text/html 1263992243.716 698 192.168.1.33 TCP_MISS/404 1198 GET http://ftweb.ipg.com.ar/fileuploader.jar - DIRECT/200.82.80.242 text/html 1263992243.764 12 192.168.1.33 TCP_MISS/404 1198 GET http://ftweb.ipg.com.ar/com/zetti/web/util/FileUploader.class - DIRECT/200.82.80.242 text/html 1263992243.786 12 192.168.1.33 TCP_MISS/404 1198 GET http://ftweb.ipg.com.ar/com/zetti/web/util/FileUploader/class.class - DIRECT/200.82.80.242 text/html 1263992246.989 12 192.168.1.33 TCP_MISS/404 910 GET http://ftweb.ipg.com.ar/favicon.ico - DIRECT/200.82.80.242 text/html My squid.conf is as follows: http_port 3128 transparent access_log /var/log/squid3/access.log squid cache_log /var/log/squid3/cache.log cache_store_log /var/log/squid3/store.log acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 22 # ssh acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl lan src 192.168.0.0/22 acl Java browser Java/1.4 Java/1.5 Java/1.6 http_access allow manager localhost http_access allow localhost http_access allow lan http_access allow Java http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports always_direct allow all redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf cache_mgr vbrizuela@xxxxxxxxxxxx visible_hostname sphinx What may I be overlooking here? Any help would be greatly appreciated. Thanks, -- Victor Javier Brizuela http://w2bh.com.ar/ BOFH excuse #38: secretary plugged hairdryer into UPS
