On 10/10/20 2:54 am, Roberto Nunnari wrote: > Hello. > > > > I work in secondary school and our access to internet is protected in > two points: > > 1) Squid proxy (I manage this) > > 2) Internet service provider (they change *.google.com ssl > certificate with zscaler) > > > > We install these zscaler certificates on all our clients, but I believe > this java app doesn’t care to use it. > > > > Now, can somebody explain these logs to me, please? > Sure: > > Fri Oct 9 15:44:41 2020.521 1 10.20.8.212 TCP_DENIED/407 4076 > CONNECT google.ch:443 - HIER_NONE/- text/html > Client sent a CONNECT request to the proxy. It did not have credentials, so Squid responded with a 407 message informing it that credentials are required. > Fri Oct 9 15:44:41 2020.660 122 10.20.8.212 TCP_TUNNEL/200 3552 > CONNECT google.ch:443 CPT\\docente.test HIER_DIRECT/216.58.215.227 - > Client sent CONNECT requests with credentials. Squid opened a tunnel to the relevant server as requested by client. Client spent 122ms using the tunnel for something. > Fri Oct 9 15:44:52 2020.461 0 10.20.8.212 NONE/000 0 NONE > error:transaction-end-before-headers - HIER_NONE/- - > Client opened TCP connection to the proxy. Then closed it. This is fairly common side effect of "Happy Eyeballs" behaviour where clients open multiple connections and only use the first to succeed. Or possibly the client had some other reason for closing. The log record is just informative so you know it is happening and useful to explain many sockets having TCP TIME_WAIT status if that becomes a problem. HTH Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users