BTW, I posted this a 2nd time because I didn't see the 1st post
ever post (or maybe I didn't see the 2nd post post?...) but it
sorta looks like you responded to the 1st post, and my 2nd post
came in immediate after...strange...
Thank you very much, for your reply, answers are below...
Linda
On 11/29/2018 7:53 AM, Alex Rousskov wrote:
On 11/29/18 5:33 AM, L A Walsh wrote:
I bumped to squid4 a few months ago, but stil haven't gotten to the point
where I can see and cache individual requests and following config examples
@ https://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit,
I'm feeling rather clueless as to what I'm missing.
What record(s) does your access.log contain for a single test
transaction (preferably using curl or wget rather than a browser)? Any
messages in cache.log for that test transaction? Any ERRORs or WARNINGs
in cache.log at Squid startup?
----
From the latest startup:
2018/11/29 09:26:17| Created PID file (/run/squid.pid)
2018/11/29 09:26:17 kid1| Set Current Directory to /var/cache/squid
2018/11/29 09:26:17 kid1| Starting Squid Cache version 4.0.25 for
x86_64-pc-linux-gnu...
2018/11/29 09:26:17 kid1| Service Name: squid
2018/11/29 09:26:17 kid1| Process ID 2344
2018/11/29 09:26:17 kid1| Process Roles: worker
2018/11/29 09:26:17 kid1| With 16384 file descriptors available
2018/11/29 09:26:17 kid1| Initializing IP Cache...
2018/11/29 09:26:17 kid1| DNS Socket created at 0.0.0.0, FD 5
2018/11/29 09:26:17 kid1| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2018/11/29 09:26:17 kid1| Adding nameserver 192.168.3.1 from
/etc/resolv.conf
2018/11/29 09:26:17 kid1| Adding domain sc.tlinx.org from /etc/resolv.conf
2018/11/29 09:26:17 kid1| Adding domain tlinx.org from /etc/resolv.conf
2018/11/29 09:26:17 kid1| Adding ndots 1 from /etc/resolv.conf
2018/11/29 09:26:17 kid1| helperOpenServers: Starting 5/32
'security_file_certgen' processes
2018/11/29 09:26:17 kid1| Logfile: opening log
daemon:/var/log/squid/access.log
2018/11/29 09:26:17 kid1| Logfile Daemon: opening log
/var/log/squid/access.log
2018/11/29 09:26:17 kid1| Store logging disabled
2018/11/29 09:26:17 kid1| Swap maxSize 100663296 + 262144 KB, estimated
394240 objects
2018/11/29 09:26:17 kid1| Target number of buckets: 12320
2018/11/29 09:26:17 kid1| Using 16384 Store buckets
2018/11/29 09:26:17 kid1| Max Mem size: 262144 KB
2018/11/29 09:26:17 kid1| Max Swap size: 100663296 KB
2018/11/29 09:26:18 kid1| Rebuilding storage in /var/cache/squid (dirty log)
2018/11/29 09:26:18 kid1| Using Least Load store dir selection
2018/11/29 09:26:18 kid1| Set Current Directory to /var/cache/squid
2018/11/29 09:26:18 kid1| Finished loading MIME types and icons.
2018/11/29 09:26:18 kid1| WARNING: No ssl_bump configured. Disabling
ssl-bump on http_port 192.168.3.1:8118
2018/11/29 09:26:18 kid1| HTCP Disabled.
2018/11/29 09:26:18 kid1| Pinger socket opened on FD 27
2018/11/29 09:26:18 kid1| Squid plugin modules loaded: 0
2018/11/29 09:26:18 kid1| Adaptation support is off.
2018/11/29 09:26:18 kid1| Accepting HTTP Socket connections at
local=192.168.3.1:8118 remote=[::] FD 23 flags=9
2018/11/29 09:26:18 kid1| Accepting HTTP Socket connections at
local=192.168.3.1:8080 remote=[::] FD 24 flags=9
2018/11/29 09:26:18 kid1| Accepting HTTP Socket connections at
local=127.0.0.1:8080 remote=[::] FD 25 flags=9
2018/11/29 09:26:18 kid1| Store rebuilding is 0.60% complete
2018/11/29 09:26:18| pinger: Initialising ICMP pinger ...
2018/11/29 09:26:18| pinger: ICMP socket opened.
2018/11/29 09:26:21 kid1| Done reading /var/cache/squid swaplog (663690
entries)
2018/11/29 09:26:21 kid1| Finished rebuilding storage from disk.
2018/11/29 09:26:21 kid1| 663558 Entries scanned
2018/11/29 09:26:21 kid1| 0 Invalid entries.
2018/11/29 09:26:21 kid1| 0 With invalid flags.
2018/11/29 09:26:21 kid1| 663504 Objects loaded.
2018/11/29 09:26:21 kid1| 0 Objects expired.
2018/11/29 09:26:21 kid1| 95 Objects cancelled.
2018/11/29 09:26:21 kid1| 0 Duplicate URLs purged.
2018/11/29 09:26:21 kid1| 54 Swapfile clashes avoided.
2018/11/29 09:26:21 kid1| Took 3.76 seconds (176329.00 objects/sec).
2018/11/29 09:26:21 kid1| Beginning Validation Procedure
2018/11/29 09:26:21 kid1| 262144 Entries Validated so far.
2018/11/29 09:26:22 kid1| 524288 Entries Validated so far.
2018/11/29 09:26:22 kid1| Completed Validation Procedure
2018/11/29 09:26:22 kid1| Validated 663462 Entries
2018/11/29 09:26:22 kid1| store_swap_size = 90578908.00 KB
2018/11/29 09:26:22 kid1| storeLateRelease: released 95 objects
2018/11/29 10:10:32 kid1| ipcacheParse No Address records in response to
'ipv6.msftncsi.com'
2018/11/29 10:11:43 kid1| Logfile: opening log
stdio:/var/cache/squid/cache/squid/netdb.state
2018/11/29 10:11:43 kid1| netdbSaveState
stdio:/var/cache/squid/cache/squid/netdb.state: (0) No error.
---
When I tried to do a wget on "www.slashdot.org", I in my short-hand
monitor of the access log, I see:
[1129_101306.00] 129ms; 266 (0/2.0K) MISS/301 <Ishtar [HEAD
http://www.slashdot.org/ - 216.105.38.15 text/html]
+0.10 48ms; 39 (419/813) TUNNEL/200 <Ishtar [CONNECT
www.slashdot.org:443 - 216.105.38.15 -]
---
and the form directly from the access log shows:
1543515186.809 129 192.168.3.1 TCP_MISS/301 266 HEAD
http://www.slashdot.org/ - HIER_DIRECT/216.105.38.15 text/html
[User-Agent: "Mozilla/4.0 (compatible; MSIE 6.1; Windows NT
5.1)"\r\nAccept: */*\r\nConnection: Keep-Alive\r\nProxy-Connection:
Keep-Alive\r\nHost: www.slashdot.org\r\n] [HTTP/1.1 301 Moved
Permanently\r\nServer: nginx/1.13.12\r\nDate: Thu, 29 Nov 2018 18:13:06
GMT\r\nContent-Type: text/html\r\nContent-Length: 186\r\nConnection:
keep-alive\r\nLocation: https://www.slashdot.org/\r\n\r]
1543515186.902 48 192.168.3.1 TCP_TUNNEL/200 39 CONNECT
www.slashdot.org:443 - HIER_DIRECT/216.105.38.15 - [User-Agent:
"Mozilla/4.0 (compatible; MSIE 6.1; Windows NT 5.1)"\r\nHost:
www.slashdot.org:443\r\n] []
---
the wget showed:
wget "http://www.slashdot.org"
--2018-11-29 10:13:06-- http://www.slashdot.org/
Resolving ishtar.sc.tlinx.org (ishtar.sc.tlinx.org)... 192.168.3.1
Connecting to ishtar.sc.tlinx.org
(ishtar.sc.tlinx.org)|192.168.3.1|:8118... connected.
Proxy request sent, awaiting response... 301 Moved Permanently
Location: https://www.slashdot.org/ [following]
--2018-11-29 10:13:06-- https://www.slashdot.org/
Connecting to ishtar.sc.tlinx.org
(ishtar.sc.tlinx.org)|192.168.3.1|:8118... connected.
Unable to establish SSL connection.
Converted 0 files in 0 seconds.
and curl shows:
curl --http1.0 "http://www.slashdot.org" -D headers.txt -o out_.htm
% Total % Received % Xferd Average Speed Time Time Time
Current
Dload Upload Total Spent Left
Speed
100 186 100 186 0 0 3358 0 --:--:-- --:--:--
--:--:-- 3381
Ishtar:/tmp> cat headers.txt
HTTP/1.1 301 Moved Permanently
Server: nginx/1.13.12
Date: Thu, 29 Nov 2018 18:27:31 GMT
Content-Type: text/html
Content-Length: 186
Connection: close
Location: https://www.slashdot.org/
cat out_.htm
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.13.12</center>
</body>
</html>
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users