Search squid archive

Deny_Info TCP_RESET

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Operating in reverse proxy mode.   I'm trying to send a TCP reset in response to the acl below:

acl example_url url_regex -i [^:]+://[^0-9]*.example.com.*
deny_info TCP_RESET example_url
http_access deny example_url

Looking at the packets I see the following response:

HTTP/1.0 403 Forbidden
Server: squid
Mime-Version: 1.0
Date: Wed, 27 Mar 2019 20:36:20 GMT
Content-Type: text/html
Content-Length: 5
X-Squid-Error: TCP_RESET 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from www.example.com
X-Cache-Lookup: NONE from www.example.com:80
Via: 1.0 www.example.com (squid)
Connection: keep-alive

reset

Squid sends the headers and the word reset.  Then future requests seem to work as expected.  No headers are sent, the word reset isn't sent and squid ultimately sends a RST and ACK.

Then after some time  or squid gets reloaded the headers are sent again, then things seem to work as I would expect.

I'm not sure if it will help, but wanted to try the following to see if that will get rid of that initial header being sent. 

acl example_url url_regex -i [^:]+://[^0-9]*.example.com.*
deny_info TCP_RESET example_url
http_reply_access deny example_url

Do I still need the http_access deny example_url in addition to the http_reply_access deny example_url statement, or does the http_reply_access take the place of http_access statement:


acl example_url url_regex -i [^:]+://[^0-9]*.example.com.*
deny_info TCP_RESET example_url
http_reply_access deny example_url
http_access deny example_url
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux