On Mon, 21 Nov 2011 12:55:19 +0100, J4K wrote:
Hi there,
I noticed one of the clients accessing the squid proxy is not
fetching
the data,
10.254.66.142 - - [21/Nov/2011:12:49:01 +0100] "CONNECT
xmlrpc.rhn.redhat.com:443 HTTP/1.1" 200 6668 TCP_MISS:DIRECT
Successful "CONNECT" request. 6668 bytes of data were received back
over the tunnel to the client.
10.254.66.142 - - [21/Nov/2011:12:49:06 +0100] "CONNECT
xmlrpc.rhn.redhat.com:443 HTTP/1.1" 200 6583 TCP_MISS:DIRECT
Successful "CONNECT" request. 6538 bytes of data were received back
over the tunnel to the client.
Squid proxy can connect with this address so problem is not the
firewall,
# telnet xmlrpc.rhn.redhat.com 443
Trying 209.132.183.44...
Connected to xmlrpc.rhn.redhat.com (209.132.183.44).
Escape character is '^]'.
^]
This test agrees completely with what is being logged. A TCP connection
was successfully (200) made by Squid "DIRECT"-ly to
"mlrpc.rhn.redhat.com:443".
*Also* Squid is logging that ~6KB of data was sent over that tunnel
connection.
There appears to be no problem.
<snip>
I do get an ACL warning, but am unsure if its the reason the data is
not
served.
aclParseIpData: WARNING: Netmask masks away part of the specified IP
in
'10.254.66.0/22'
Unrelated, but worth fixing anyway. *.66.0 is not the start IP of a /22
range.
Do you want to match 10.254.64.0/22? or 10.254.66.0-10.254.67.255 ? or
something else?
Amos
