On 19/10/19 1:21 am, Vieri Di Paola wrote: > On Fri, Oct 11, 2019 at 3:50 PM Amos Jeffries wrote: >> >> Note that this last entry is about a connection to port 443, whereas the >> rest of the log is all about traffic to port 80. >>> >>> The Squid machine has no issues if I browse the web from command line, >>> eg. 'links http://www.linuxheadquarters.com' works fine. >>> >>> What should I be looking for? >> >> TCP/IP level packet routing. Squid is trying to open a TCP connection to >> that "remote=" server. TCP SYN is sent, and then ... ... ... nothing. > > I noticed the ":80 to :443" flaw in the log, and I don't know why this > shows up if it's not a redirection. If you are able to share your config maybe we could help spot something, both for that and for the timeout issue. > So I did another test to another destination, and I tried to connect > to host with IP addr. 104.113.250.104 on port 80. > Now the log is consistent, but I'm still getting the same connection > timeout even though I can connect without any issues with an HTTP > client from the Squid machine itself. If it were a packet routing > issue, wouldn't the connection time out also with this HTTP client on > the server itself? You said Squid used TPROXY. The spoofing of packets causes a different set of routing tables and rules to be applied than normal server outgoing traffic. > > Do you see anything fishy in the squid log I've pasted below? > Looks like Squid is doing everything right and the issues is somewhere between the TCP SYN send and SYN ACK returning. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
