Search squid archive

nagios check_http module being denied on transparent proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi

In my squid.conf I've got 'http_port 3128 transparent', and I configured my firewall to forward all request from port 80 to 3128. Everything seems to be working fine, except
for nagios. This is from the man pages of the check_http module:

"check_http v2053 (nagios-plugins 1.4.13)
Copyright (c) 1999 Ethan Galstad <nagios@xxxxxxxxxx>
Copyright (c) 1999-2008 Nagios Plugin Development Team
       <nagiosplug-devel@xxxxxxxxxxxxxxxxxxxxx>

This plugin tests the HTTP service on the specified host. It can test
normal (http) and secure (https) servers, follow redirects, search for
strings and regular expressions, check connection times, and report on
certificate expiration times.
This plugin will attempt to open an HTTP connection with the host.
Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL other errors return STATE_UNKNOWN. Successful connects, but incorrect reponse
messages from the host result in STATE_WARNING return values.  If you are
checking a virtual server that uses 'host headers' you must supply the FQDN
(fully qualified domain name) as the [host_name] argument."

The module works for all servers on the LAN, except for the squid server (192.168.0.1) (which also happens to be the firewall server):

access.log:
12/Apr/2010:06:01:00 +0100 192.168.0.9 TCP_DENIED/400 1651 GET error:invalid-r
     equest NONE/- text/html

cache.log:
2010/04/12 06:01:00| clientReadRequest: FD 70 (192.168.0.9:58818) Invalid Request

If I manually run the check_http module on the nagios server (or from any other client):
$ ./check_http -I 192.168.0.1
HTTP WARNING: HTTP/1.0 400 Bad Request

But from the squid server:
$ ./check_http -I 192.168.0.1
HTTP OK HTTP/1.0 200 OK - 965 bytes in 0.000 seconds |time=0.000425s;;;0.000000 siz0

I've been googling around and the solutions I've been finding are people doing things like not adding "transparent" to their http_port line, or defining the line twice, etc. Which doesn't apply to
my case, because I check my squid.conf and the http_port line is fine.
What could be causing this HTTP issue?
Thanks

Dayo

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux