Hi Amos,
Thank you for the reply,
here's my squid.conf, by default our client's(localnet) do not have internet access and only match windows services acl's unless they are in authorizednet.conf, in this case that's the only match acl for the clients using this application, i also removed some of the includes i have, it's mostly random src to random dstdomain, the clients in question do not match this acl's at all.
---
squid 4.15 squid.conf:
---
logformat timereadable %tl %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log daemon:/var/log/squid/access.log timereadable
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
include /etc/squid/acls/authorizednet.conf
acl SSL_ports port 443
acl SSL_ports port 8080
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl FTP_ports port 21 1025-65535
acl CONNECT method CONNECT
###BlockLists
include /etc/squid/acls/blocklists-remotes.conf
###Microsoft ATP
include /etc/squid/acls/atp.conf
###Windows Activation
include /etc/squid/acls/wactivate.conf
###No Windows Update
include /etc/squid/acls/nowupdate.conf
###Windows Update
include /etc/squid/acls/wupdate.conf
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow authorizednet
http_access allow localhost
http_access deny all
http_port 3128
cache_dir ufs /var/spool/squid 50000 16 256
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
max_filedesc 65535
maximum_object_size 10000 MB
range_offset_limit 10000 MB windowsupdate
quick_abort_min -1
refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
access_log daemon:/var/log/squid/access.log timereadable
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
include /etc/squid/acls/authorizednet.conf
acl SSL_ports port 443
acl SSL_ports port 8080
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl FTP_ports port 21 1025-65535
acl CONNECT method CONNECT
###BlockLists
include /etc/squid/acls/blocklists-remotes.conf
###Microsoft ATP
include /etc/squid/acls/atp.conf
###Windows Activation
include /etc/squid/acls/wactivate.conf
###No Windows Update
include /etc/squid/acls/nowupdate.conf
###Windows Update
include /etc/squid/acls/wupdate.conf
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow authorizednet
http_access allow localhost
http_access deny all
http_port 3128
cache_dir ufs /var/spool/squid 50000 16 256
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
max_filedesc 65535
maximum_object_size 10000 MB
range_offset_limit 10000 MB windowsupdate
quick_abort_min -1
refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
---
And here's squid 5.2 squid.conf, it's pretty much the same:
---
logformat timereadable %tl %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log daemon:/var/log/squid/access.log timereadable
debug_options ALL,1 33,2 28,9
acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
include /etc/squid/acls/authorizednet.conf
acl SSL_ports port 443
acl SSL_ports port 8080
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl FTP_ports port 21 1025-65535
###BlockLists
include /etc/squid/acls/blocklists-remotes.conf
###Microsoft ATP
include /etc/squid/acls/atp.conf
###Windows Activation
include /etc/squid/acls/wactivate.conf
###No Windows Update
include /etc/squid/acls/nowupdate.conf
###Windows Update
include /etc/squid/acls/wupdate.conf
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow authorizednet
http_access allow localhost
http_access deny all
http_port 3128
cache_dir ufs /var/spool/squid 50000 16 256
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
maximum_object_size 10000 MB
range_offset_limit 10000 MB windowsupdate
quick_abort_min -1
refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
access_log daemon:/var/log/squid/access.log timereadable
debug_options ALL,1 33,2 28,9
acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
include /etc/squid/acls/authorizednet.conf
acl SSL_ports port 443
acl SSL_ports port 8080
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl FTP_ports port 21 1025-65535
###BlockLists
include /etc/squid/acls/blocklists-remotes.conf
###Microsoft ATP
include /etc/squid/acls/atp.conf
###Windows Activation
include /etc/squid/acls/wactivate.conf
###No Windows Update
include /etc/squid/acls/nowupdate.conf
###Windows Update
include /etc/squid/acls/wupdate.conf
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow authorizednet
http_access allow localhost
http_access deny all
http_port 3128
cache_dir ufs /var/spool/squid 50000 16 256
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
maximum_object_size 10000 MB
range_offset_limit 10000 MB windowsupdate
quick_abort_min -1
refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
As for squid rocky linux packages information, here is the links:
Thank you!
On Mon, 29 Aug 2022 at 13:36, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
On 29/08/22 22:17, David Ferreira wrote:
> hi,
>
> First time using mailing lists, sorry about anything.
>
Welcome, and thanks for using Squid.
Do not worry about mistakes. Helping with that type of thing is what
this list is here for whether expert or beginner.
>
> Squid 4.15:
> 26/Aug/2022:15:36:08 +0100 273 172.19.222.132TCP_MISS/200 745 POST
> http://websiteurl/index.php <http://websiteurl/index.php> -
> HIER_DIRECT/websitedomain text/xml
>
> Squid 5.2:
> 25/Aug/2022:15:10:00 +0100 139 172.19.222.132 TCP_MISS_ABORTED/100 0
> POST http://websiteurl <http://websiteurl>/index.php -
> HIER_DIRECT/websitedomain -
>
> anyone has an ideia of what may be happening here?, been searching about
> http errors 100 and so far i did not find anything that points me to the
> problem.
>
> On the application side the error it shows when it tries to upload is:
> "
> Error storing the document on the server
> Detail HTTP error 100
> Send failure: Connection was aborted (55)
> "
>
This is very odd.
* The "ABORTED" tag hints strongly that the client closed the
connection here.
* Status code "100 Continue" is a normal part of HTTP/1.1.
There is something wrong with the client application to be reporting
that as an error code at all. Likely that bug is what triggered the abort.
* The difference in result between Squid v4 and v5 is also extremely
odd. I do not think handling of status 100 had any significant changes
since the Squid-3 days.
Can you show us your config for both versions?
Omit lines that are commented out to reduce the sizes.
Take care to obscure private details while keeping it clear that
detail A and B are different (eg don't use same symbol X for replacing
both).
Also FME, where can I/we find details of the Rocky Squid packages?
Cheers
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
Com os melhores cumprimentos,
David Ferreira_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users