On 24/07/2013 4:37 p.m., PSA4444 wrote:
I am running a squid reverse proxy in a DMZ which allows the outside world to access several websites I am hosting. One of these websites is a nagios server. Everything has been working well for months but this morning, users were not able to access the nagios site. Nobody has changed anything on either server for months. This is being logged in access.log: xx.xx.xx.xx TCP_MISS/403 680 GET http://nagios.blah.com/nagios - FIRSTUP_PARENT/yy.yy.yy.yy text/html xx.xx.xx.xx TCP_MISS/403 680 GET http://nagios.blah.com/favicon.ico - FIRSTUP_PARENT/yy.yy.yy.yy text/html xx.xx.xx.xx = source IP yy.yy.yy.yy = unknown ip Relevant entry: #Nagios cache_peer nagios.blah.com parent 80 0 no-query originserver name=nag login=PASSTHRU acl sites_nag dstdomain nagios.blah.com cache_peer_access nag allow sites_nag firstclient cache_peer_access nag allow sites_nag secondclient cache_peer_access nag deny publicall acl https proto https http_access allow all I have a hosts file entry pointing the squid server to the local nagios server. 10.0.1.23 nagios.blah.com Connecting directly to this via squid using the links browser works. Connecting directly to the nagios server via firefox within the network also works. I have tried restarting squid and the apache service on the nagios server. Any idea what's wrong, why this suddenly started happening and how to fix it?
If you have more than one cache_peer directive in use the above snippet of your config file may *not* be the relevant config line. Particularly if yy.yy.yy.yy is not 10.0.1.23. Apparently yy.yy.yy.yy is an IP address of *one* of your cache_peer entries. The cache manager "ipcache" report should be able to tell you which one.
Amos