I accept http://download.newnext.me/spark.bin to be a virus redirection, but not sure, and dint understand how it is so, i have checked the computer for any unwanted third party and were not found.
Thanks and Regards
Vivek Kumar Singh
Mobile
Vivek Kumar Singh
Mobile
+91
8902000538On Fri, Dec 4, 2015 at 7:11 PM, vivek singh <itpc.vivek@xxxxxxxxx> wrote:
please find below the access log while problem occur1449226819.307: 0: TCP_DENIED/403: 4089: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226828.671: 249222: TCP_TUNNEL/200: 6610: CONNECT: clients2.google.com:443: -: HIER_DIRECT/216.58.196.110
1449226829.308: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226839.323: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226849.216: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226859.119: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226868.917: 0: TCP_DENIED/403: 4088: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226878.635: 0: TCP_DENIED/403: 4089: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226888.391: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226898.104: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226907.951: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226917.685: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226927.463: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226937.162: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226947.042: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226956.901: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226966.745: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226976.559: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226986.260: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449226996.214: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227006.198: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227016.198: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227026.184: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227036.072: 0: TCP_DENIED/403: 4089: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227042.281: 791782: TCP_TUNNEL/200: 5014: CONNECT: mtalk.google.com:443: -: HIER_DIRECT/74.125.130.188
1449227042.537: 714649: TCP_TUNNEL/200: 7775: CONNECT: play.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227042.537: 68131: TCP_TUNNEL/200: 5813: CONNECT: lh3.googleusercontent.com:443: -: HIER_DIRECT/216.58.196.97
1449227042.538: 70423: TCP_TUNNEL/200: 2303: CONNECT: apis.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227042.538: 184079: TCP_TUNNEL/200: 698: CONNECT: csi.gstatic.com:443: -: HIER_DIRECT/216.58.211.3
1449227042.539: 190277: TCP_TUNNEL/200: 3353: CONNECT: ssl.gstatic.com:443: -: HIER_DIRECT/216.58.196.99
1449227042.539: 143474: TCP_TUNNEL/200: 723: CONNECT: clients5.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227042.539: 142248: TCP_TUNNEL/200: 5317: CONNECT: clients5.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227042.540: 165512: TCP_TUNNEL/200: 1107: CONNECT: clients1.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227042.540: 188929: TCP_TUNNEL/200: 7668: CONNECT: plus.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227042.540: 388342: TCP_TUNNEL/200: 4996: CONNECT: clients6.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227042.540: 396197: TCP_TUNNEL/200: 2101: CONNECT: www.google.com:443: -: HIER_DIRECT/216.58.196.100
1449227042.542: 106590: TCP_TUNNEL/200: 575: CONNECT: clients2.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227042.542: 88135: TCP_TUNNEL/200: 963: CONNECT: play.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227042.543: 6778: TCP_TUNNEL/200: 60202: CONNECT: www.google.co.in:443: -: HIER_DIRECT/216.58.196.99
1449227042.543: 786962: TCP_TUNNEL/200: 16071: CONNECT: 0.client-channel.google.com:443: -: HIER_DIRECT/74.125.200.189
1449227042.544: 6709: TCP_TUNNEL/200: 234: CONNECT: www.google.co.in:443: -: HIER_DIRECT/216.58.196.99
1449227042.544: 6630: TCP_TUNNEL/200: 234: CONNECT: www.google.co.in:443: -: HIER_DIRECT/216.58.196.99
1449227042.544: 6399: TCP_TUNNEL/200: 234: CONNECT: www.google.co.in:443: -: HIER_DIRECT/216.58.196.99
1449227045.855: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227055.855: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227065.855: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227075.855: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227085.855: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227095.855: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227105.855: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227115.855: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227125.855: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227135.855: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227145.855: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227155.855: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227165.855: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227175.855: 0: TCP_DENIED/403: 4091: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227185.855: 0: TCP_DENIED/403: 4089: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227195.855: 0: TCP_DENIED/403: 4089: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227196.494: 0: TCP_DENIED/403: 3964: CONNECT: mtalk.google.com:5228: -: HIER_NONE/-
1449227196.503: 0: TCP_DENIED/403: 3964: CONNECT: mtalk.google.com:5228: -: HIER_NONE/-
1449227205.589: 0: TCP_DENIED/403: 4089: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227207.642: 10969: TCP_TUNNEL/200: 4053: CONNECT: www.googleapis.com:443: -: HIER_DIRECT/216.58.197.42
1449227207.643: 10970: TCP_TUNNEL/200: 4053: CONNECT: www.googleapis.com:443: -: HIER_DIRECT/216.58.197.42
1449227215.671: 0: TCP_DENIED/403: 4090: GET: http://download.newnext.me/spark.bin?: -: HIER_NONE/-
1449227215.935: 504: TCP_TUNNEL/200: 0: CONNECT: hangouts.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227216.850: 10806: TCP_TUNNEL/200: 4045: CONNECT: ssl.gstatic.com:443: -: HIER_DIRECT/216.58.196.99
1449227217.642: 11363: TCP_TUNNEL/200: 4770: CONNECT: plus.google.com:443: -: HIER_DIRECT/216.58.196.110
1449227217.642: 13636: TCP_TUNNEL/200: 3993: CONNECT: ssl.gstatic.com:443: -: HIER_DIRECT/216.58.196.99Thanks and Regards
Vivek Kumar Singh
Mobile+918902000538On Fri, Dec 4, 2015 at 12:32 PM, Yuri Voinov <yvoinov@xxxxxxxxx> wrote:
04.12.15 12:59, vivek singh пишет:
Example:Thanks a lot for you responses.
I will update after doing more analysis.
@Amos Jeffries :Q . How does the IP correlate to the tv_ip, sysadmin_ip,
workstation_ip ACLs above?A. these are separate text files in the same directory, containing ip lists.Q. Any difference with how those machines are configured to use the proxyA. all the machines are in the same domain and network.Q. what version of squid-3.5.x is being usedA. Squid 3.5.0.2 on Redhat Linux , packaged rpm is used.Q. His squid.conf does not contain anything that obviously restricts that.So I am suspecting the problems some old-ish browsers and OS have with POST messages and Expect headersA. On the same machine if i change it to use another windows proxy server, it works fine.
@ Eliezer CroitoruQ. slow uploads but in 3.5.X which I am almost sure was not fixed yetA. while on other machines it is working fine.
@Yuri Voinov
Q. I suggest the problem just required to allow POST method from LAN and/or to mail servers. Often this can helpA. Do i explicitly need to do so, if yes please tell me how.
# Adjust network as you need
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl POST method POST
# Allow POST for localnet
http_access allow POST localnet
Thanks and Regards
Vivek Kumar Singh
On Thu, Dec 3, 2015 at 10:01 PM, Eliezer Croitoru <eliezer@xxxxxxxxxxxx> wrote:
Or it could be the slow uploads but in 3.5.X which I am almost sure was not fixed yet.
Eliezer
On 03/12/2015 12:24, Amos Jeffries wrote:
His squid.conf does not contain anything that obviously restricts that.
So I am suspecting the problems some old-ish browsers and OS have with
POST messages and Expect headers.
Or that some of the machines have been configured in a way that only
partially configures the applictinos on it, leaving some occasionally to
not even find the proxy.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
