Search squid archive

Re: wccp2_service_info fails on more than one port number

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In this case you can simple open bug on Bugzilla.

04.03.15 0:46, Guy Helmer пишет:
> Disregarding the complaints about Cisco configuration, here is a
> simple example: If I want to intercept plain HTTP on ports 8008 and
> 8080:
> 
> wccp2_service_info 94 protocol=tcp flags=dst_ip_hash,ports_source
> priority=240 ports=8008,8080
> 
> Squid 3.4.12 will still give this incorrect error:
> 
> FATAL: Bungled /usr/local/etc/squid/squid.conf line 55:
> wccp2_service_info 94 protocol=tcp flags=dst_ip_hash,ports_source
> priority=240 ports=8008,8080
> 
> WCCP2 is documented as allowing up to 8 ports per service. This is
> broken by parsing changes in Squid 3.4.
> 
> Regards, Guy
> 
>> On Mar 3, 2015, at 12:15 PM, Yuri Voinov <yvoinov@xxxxxxxxx>
>> wrote:
>> 
> Don't think this is bug.
> 
> You got very custom configuration, which can not be common.
> 
> As I said, HTTP ports other than 80 is very rarely used in WAN's.
> And be better to separate HTTPS port from HTTP.
> 
> Modern iOS can not accept your configuration. Beware.
> 
> 03.03.15 23:57, Guy Helmer пишет:
>>>> Thanks Yuri -- I have thoroughly read Cisco IOS
>>>> configuration manuals pertaining to WCCP2. From what I have
>>>> read, there is no strict requirement for separate
>>>> configurations for standard web-cache port 80 and dynamic
>>>> service for non-port 80 — wccp2 dynamic services allow
>>>> redirection of any ports (up to a total of 8), including port
>>>> 80. As I’ve stated before, this was a working configuration
>>>> in squid 3.3 at multiple sites. If there is a rationale for
>>>> distinct wccp2 service configurations for port 80 vs other
>>>> ports, I sure could use a reference that explains it.
>>>> 
>>>> As I’ve pointed out, there is a bug in Squid 3.4 that
>>>> prevents specifying multiple TCP ports in the
>>>> wccp2_service_info line. I’ve corrected that now in my
>>>> sources. After fixing that bug, squid 3.4.12 is functioning
>>>> with WCCP2 interception for port 80, 443, and others as it
>>>> did in version 3.3.x.
>>>> 
>>>> Regards, Guy
>>>> 
>>>>> On Mar 3, 2015, at 11:29 AM, Yuri Voinov
>>>>> <yvoinov@xxxxxxxxx> wrote:
>>>>> 
>>>> Please, read Cisco iOS WCCPv2 manual first.
>>>> 
>>>> This one:
>>>> 
>>>> http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html
>>>> <http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html>
>>>>
>>>> 
<http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html
<http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html>>
>>>> 
>>>> and this one:
>>>> 
>>>> http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html#wp1000955
>>>> <http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html#wp1000955>
>>>>
>>>> 
<http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html#wp1000955
<http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html#wp1000955>>
>>>> 
>>>> wccp web-cache uses port 80 by default. Other http ports is
>>>> less than percentile on web-traffic.
>>>> 
>>>> https requires another dynamic wccp service.
>>>> 
>>>> Also, take a look on config example again.
>>>> 
>>>> This is working configuration.
>>>> 
>>>> 03.03.15 23:21, Guy Helmer пишет:
>>>>>>> It has worked in the past with WCCP2 dynamic services
>>>>>>> at multiple sites.
>>>>>>> 
>>>>>>> I’ve uncovered the wccp2_service_info ports parsing
>>>>>>> error:
>>>>>>> 
>>>>>>> --- src/wccp2.cc.ORIG	2015-03-03 11:08:18.000000000
>>>>>>> -0600 +++ src/wccp2.cc <http://wccp2.cc/>	2015-03-03
>>>>>>> 11:10:37.000000000 -0600 @@ -2264,7 +2264,10 @@ if (i
>>>>>>> >= WCCP2_NUMPORTS) { fatalf("parse_wccp2_service_ports:
>>>>>>> too many ports (maximum: 8) in list '%s'\n", options);
>>>>>>> } -        int p = xatoi(tmp); + char copy[len + 1]; +
>>>>>>> memcpy(copy, tmp, len); + copy[len] = '\0'; +
>>>>>>> int p = xatoi(copy);
>>>>>>> 
>>>>>>> if (p < 1 || p > 65535) {
>>>>>>> fatalf("parse_wccp2_service_ports: port value '%s'
>>>>>>> isn't valid (1..65535)\n", tmp);
>>>>>>> 
>>>>>>> 
>>>>>>>> On Mar 3, 2015, at 11:06 AM, Yuri Voinov 
>>>>>>>> <yvoinov@xxxxxxxxx <mailto:yvoinov@xxxxxxxxx>>
>>>>>>>> wrote:
>>>>>>>> 
>>>>>>> You cannot combine HTTP and HTTPS in one WCCP service.
>>>>>>> 
>>>>>>> http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2
>>>>>>> <http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2>
>>>>>>>
>>>>>>> 
<http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2
<http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2>>
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
> 03.03.15 23:04, Guy Helmer пишет:
>>>>>>>>>> This used to work in 3.3.x:
>>>>>>>>>> 
>>>>>>>>>> wccp2_service_info 94 protocol=tcp 
>>>>>>>>>> flags=dst_ip_hash,ports_source priority=240 
>>>>>>>>>> ports=80,81,83,591,8008,8080,443
>>>>>>>>>> 
>>>>>>>>>> squid 3.4.12 fails: 2015/03/03 11:02:33.109| 
>>>>>>>>>> cache_cf.cc(556) parseOneConfigFile: Processing:
>>>>>>>>>>  wccp2_service_info 94 protocol=tcp 
>>>>>>>>>> flags=dst_ip_hash,ports_source priority=240 
>>>>>>>>>> ports=80,81,83,591,8008,8080,443 2015/03/03 
>>>>>>>>>> 11:02:33.109| wccp2.cc <http://wccp2.cc/>
>>>>>>>>>> <http://wccp2.cc/ <http://wccp2.cc/>>(2298) 
>>>>>>>>>> parse_wccp2_service_info:
>>>>>>>>>> parse_wccp2_service_info: called 2015/03/03
>>>>>>>>>> 11:02:33.109| ERROR: Invalid value: 
>>>>>>>>>> '80,81,83,591,8008,8080,443' is supposed to be a 
>>>>>>>>>> number.
>>>>>>>>>> 
>>>>>>>>>> Any help?
>>>>>>>>>> 
>>>>>>>>>> Thanks, Guy 
>>>>>>>>>> _______________________________________________ 
>>>>>>>>>> squid-users mailing list 
>>>>>>>>>> squid-users@xxxxxxxxxxxxxxxxxxxxx
>>>>>>>>>> <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx> 
>>>>>>>>>> <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx
>>>>>>>>>> <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx>> 
>>>>>>>>>> http://lists.squid-cache.org/listinfo/squid-users
>>>>>>>>>> <http://lists.squid-cache.org/listinfo/squid-users>
>>>>>>>>>>
>>>>>>>>>> 
<http://lists.squid-cache.org/listinfo/squid-users
<http://lists.squid-cache.org/listinfo/squid-users>>
>>>>>>>>>> 
>>>>>>>> _______________________________________________ 
>>>>>>>> squid-users mailing list
>>>>>>>> squid-users@xxxxxxxxxxxxxxxxxxxxx
>>>>>>>> <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx> 
>>>>>>>> <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx
>>>>>>>> <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx>> 
>>>>>>>> http://lists.squid-cache.org/listinfo/squid-users
>>>>>>>> <http://lists.squid-cache.org/listinfo/squid-users> 
>>>>>>>> <http://lists.squid-cache.org/listinfo/squid-users
>>>>>>>> <http://lists.squid-cache.org/listinfo/squid-users>>
>>>>>>> 
>>>> 
>>>> 
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBAgAGBQJU9gdPAAoJENNXIZxhPexGXSIIAIS7GWUxK9Do7WXVBc+K78tW
muArO50AbqK4EhcimZEp1pNm7+S7eLMcC1tk535l5IlXWzt3y4Y66bweCnmmm1HC
1JbpSYfFHB161L43ltxQ1MDrTZP5IL+VwkCzoV4f4MUkLvwXevZYq3MP5HaWDQim
BjGrp3D2QTvcYxzky+9fOko9cYpkd10aohfSIEDeTWq8QshNYZiqZhEYrh6pnkWR
6QfLX/ie8An80Y+gWfZWk6rOQaKGaD3DH8wHs0Dz1wO7sNBfyt/nLcyoridX17En
T80g2tUErO1OxOcngf+q75VbVEW4IfuiV3WWb61vxu0+iuWOhEevU7/qMmPSOfs=
=l50x
-----END PGP SIGNATURE-----
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux