* Amos Jeffries <squid3@xxxxxxxxxxxxx>: > This is the counter of how many "error" responses were generated and > logged by Squid. OK > Are you using deny_info redirection? (this counter includes the > 200/30x responses from that hack) Yes, massively so: deny_info http://proxy.charite.de/phishing/ phish1 deny_info http://proxy.charite.de/phishing/ phish2 deny_info http://proxy.charite.de/phishing/ phish3 deny_info http://proxy.charite.de/phishing/ phish4 deny_info http://proxy.charite.de/phishing/ phish5 deny_info http://proxy.charite.de/phishing/ phish6 deny_info http://proxy.charite.de/proxy/ dmz deny_info http://proxy.charite.de/proxy/ intranet > or are you logging more 4xx/5xx responses than before? Nope. > A scan of your logs should indicate what errors are happening more > often now. So I guess it's that "deny_info" stuff. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebrandt@xxxxxxxxxx Campus Benjamin Franklin http://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155
