Search squid archive

Re: how to go from connect/tunnel in squid4 ->GET

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



BTW, I posted this a 2nd time because I didn't see the 1st post
ever post (or maybe I didn't see the 2nd post post?...) but it
sorta looks like you responded to the 1st post, and my 2nd post
came in immediate after...strange...
Thank you very much, for your reply, answers are below...
Linda


On 11/29/2018 7:53 AM, Alex Rousskov wrote:
On 11/29/18 5:33 AM, L A Walsh wrote:

I bumped to squid4 a few months ago, but stil haven't gotten to the point
where I can see and cache individual requests and following config examples
@ https://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit,
I'm feeling rather clueless as to what I'm missing.

What record(s) does your access.log contain for a single test
transaction (preferably using curl or wget rather than a browser)? Any
messages in cache.log for that test transaction? Any ERRORs or WARNINGs
in cache.log at Squid startup?
----
From the latest startup:
2018/11/29 09:26:17| Created PID file (/run/squid.pid)
2018/11/29 09:26:17 kid1| Set Current Directory to /var/cache/squid
2018/11/29 09:26:17 kid1| Starting Squid Cache version 4.0.25 for x86_64-pc-linux-gnu...
2018/11/29 09:26:17 kid1| Service Name: squid
2018/11/29 09:26:17 kid1| Process ID 2344
2018/11/29 09:26:17 kid1| Process Roles: worker
2018/11/29 09:26:17 kid1| With 16384 file descriptors available
2018/11/29 09:26:17 kid1| Initializing IP Cache...
2018/11/29 09:26:17 kid1| DNS Socket created at 0.0.0.0, FD 5
2018/11/29 09:26:17 kid1| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2018/11/29 09:26:17 kid1| Adding nameserver 192.168.3.1 from /etc/resolv.conf
2018/11/29 09:26:17 kid1| Adding domain sc.tlinx.org from /etc/resolv.conf
2018/11/29 09:26:17 kid1| Adding domain tlinx.org from /etc/resolv.conf
2018/11/29 09:26:17 kid1| Adding ndots 1 from /etc/resolv.conf
2018/11/29 09:26:17 kid1| helperOpenServers: Starting 5/32 'security_file_certgen' processes 2018/11/29 09:26:17 kid1| Logfile: opening log daemon:/var/log/squid/access.log 2018/11/29 09:26:17 kid1| Logfile Daemon: opening log /var/log/squid/access.log
2018/11/29 09:26:17 kid1| Store logging disabled
2018/11/29 09:26:17 kid1| Swap maxSize 100663296 + 262144 KB, estimated 394240 objects
2018/11/29 09:26:17 kid1| Target number of buckets: 12320
2018/11/29 09:26:17 kid1| Using 16384 Store buckets
2018/11/29 09:26:17 kid1| Max Mem  size: 262144 KB
2018/11/29 09:26:17 kid1| Max Swap size: 100663296 KB
2018/11/29 09:26:18 kid1| Rebuilding storage in /var/cache/squid (dirty log)
2018/11/29 09:26:18 kid1| Using Least Load store dir selection
2018/11/29 09:26:18 kid1| Set Current Directory to /var/cache/squid
2018/11/29 09:26:18 kid1| Finished loading MIME types and icons.
2018/11/29 09:26:18 kid1| WARNING: No ssl_bump configured. Disabling ssl-bump on http_port 192.168.3.1:8118
2018/11/29 09:26:18 kid1| HTCP Disabled.
2018/11/29 09:26:18 kid1| Pinger socket opened on FD 27
2018/11/29 09:26:18 kid1| Squid plugin modules loaded: 0
2018/11/29 09:26:18 kid1| Adaptation support is off.
2018/11/29 09:26:18 kid1| Accepting HTTP Socket connections at local=192.168.3.1:8118 remote=[::] FD 23 flags=9 2018/11/29 09:26:18 kid1| Accepting HTTP Socket connections at local=192.168.3.1:8080 remote=[::] FD 24 flags=9 2018/11/29 09:26:18 kid1| Accepting HTTP Socket connections at local=127.0.0.1:8080 remote=[::] FD 25 flags=9
2018/11/29 09:26:18 kid1| Store rebuilding is 0.60% complete
2018/11/29 09:26:18| pinger: Initialising ICMP pinger ...
2018/11/29 09:26:18| pinger: ICMP socket opened.
2018/11/29 09:26:21 kid1| Done reading /var/cache/squid swaplog (663690 entries)
2018/11/29 09:26:21 kid1| Finished rebuilding storage from disk.
2018/11/29 09:26:21 kid1|    663558 Entries scanned
2018/11/29 09:26:21 kid1|         0 Invalid entries.
2018/11/29 09:26:21 kid1|         0 With invalid flags.
2018/11/29 09:26:21 kid1|    663504 Objects loaded.
2018/11/29 09:26:21 kid1|         0 Objects expired.
2018/11/29 09:26:21 kid1|        95 Objects cancelled.
2018/11/29 09:26:21 kid1|         0 Duplicate URLs purged.
2018/11/29 09:26:21 kid1|        54 Swapfile clashes avoided.
2018/11/29 09:26:21 kid1|   Took 3.76 seconds (176329.00 objects/sec).
2018/11/29 09:26:21 kid1| Beginning Validation Procedure
2018/11/29 09:26:21 kid1|   262144 Entries Validated so far.
2018/11/29 09:26:22 kid1|   524288 Entries Validated so far.
2018/11/29 09:26:22 kid1|   Completed Validation Procedure
2018/11/29 09:26:22 kid1|   Validated 663462 Entries
2018/11/29 09:26:22 kid1|   store_swap_size = 90578908.00 KB
2018/11/29 09:26:22 kid1| storeLateRelease: released 95 objects
2018/11/29 10:10:32 kid1| ipcacheParse No Address records in response to 'ipv6.msftncsi.com' 2018/11/29 10:11:43 kid1| Logfile: opening log stdio:/var/cache/squid/cache/squid/netdb.state 2018/11/29 10:11:43 kid1| netdbSaveState stdio:/var/cache/squid/cache/squid/netdb.state: (0) No error.

---
When I tried to do a wget on "www.slashdot.org", I in my short-hand
monitor of the access log, I see:

[1129_101306.00] 129ms; 266 (0/2.0K) MISS/301 <Ishtar [HEAD http://www.slashdot.org/ - 216.105.38.15 text/html] +0.10 48ms; 39 (419/813) TUNNEL/200 <Ishtar [CONNECT www.slashdot.org:443 - 216.105.38.15 -]

---
and the form directly from the access log shows:
1543515186.809 129 192.168.3.1 TCP_MISS/301 266 HEAD http://www.slashdot.org/ - HIER_DIRECT/216.105.38.15 text/html [User-Agent: "Mozilla/4.0 (compatible; MSIE 6.1; Windows NT 5.1)"\r\nAccept: */*\r\nConnection: Keep-Alive\r\nProxy-Connection: Keep-Alive\r\nHost: www.slashdot.org\r\n] [HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.13.12\r\nDate: Thu, 29 Nov 2018 18:13:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 186\r\nConnection: keep-alive\r\nLocation: https://www.slashdot.org/\r\n\r] 1543515186.902 48 192.168.3.1 TCP_TUNNEL/200 39 CONNECT www.slashdot.org:443 - HIER_DIRECT/216.105.38.15 - [User-Agent: "Mozilla/4.0 (compatible; MSIE 6.1; Windows NT 5.1)"\r\nHost: www.slashdot.org:443\r\n] []


---
the wget showed:

 wget "http://www.slashdot.org";
--2018-11-29 10:13:06--  http://www.slashdot.org/
Resolving ishtar.sc.tlinx.org (ishtar.sc.tlinx.org)... 192.168.3.1
Connecting to ishtar.sc.tlinx.org (ishtar.sc.tlinx.org)|192.168.3.1|:8118... connected.
Proxy request sent, awaiting response... 301 Moved Permanently
Location: https://www.slashdot.org/ [following]
--2018-11-29 10:13:06--  https://www.slashdot.org/
Connecting to ishtar.sc.tlinx.org (ishtar.sc.tlinx.org)|192.168.3.1|:8118... connected.
Unable to establish SSL connection.
Converted 0 files in 0 seconds.

and curl shows:

 curl --http1.0 "http://www.slashdot.org"; -D headers.txt -o out_.htm
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 186 100 186 0 0 3358 0 --:--:-- --:--:-- --:--:-- 3381
Ishtar:/tmp> cat headers.txt
HTTP/1.1 301 Moved Permanently
Server: nginx/1.13.12
Date: Thu, 29 Nov 2018 18:27:31 GMT
Content-Type: text/html
Content-Length: 186
Connection: close
Location: https://www.slashdot.org/
 cat out_.htm
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.13.12</center>
</body>
</html>








_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux