Hi
Further discussion happened on https://bugs.squid-cache.org/show_bug.cgi?id=5274 and has more details.
But yes, the issue is the same for a connection just from squid logs: how to know if a request has passed or failed.
Regards
Sachin
On Mon, Jun 12, 2023 at 1:51 PM <ngtech1ltd@xxxxxxxxx> wrote:
Hey Sachin,
What's the issue?
That the logs don't reflect the reality?
Thanks,
Eliezer
From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of sachin gupta
Sent: Thursday, May 25, 2023 18:21
To: squid-users@xxxxxxxxxxxxxxxxxxxxx
Subject: TCP_TUNNEL/500 in squid logs in squid 5.9
Hi All
We are migrating for squid 4.15 to squid 5.9. We are running our existing test suite to check if we pass our sanity testing.
For requests in transparent mode, though request passes and client get 200, in squid logs we are getting TCP_TUNNEL/500. We were not getting this issue with squid 4.15.
Client logs
curl -v https://origin/cache/0
* Trying 10.80.96.68:443...
* TCP_NODELAY set
* Connected to origin (10.80.96.68) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=US; ST=CA; L=SF; O=SFDC; OU=0:ns.tester;1:mvp;2:mist51;3:na44;4:dev1; CN=origin
* start date: Jul 26 06:59:41 2022 GMT
* expire date: Jul 26 06:59:41 2023 GMT
* subjectAltName: host "origin" matched cert's "origin"
* issuer: C=US; ST=CA; L=SF; O=SFDC; OU=Edge; CN=ca
* SSL certificate verify ok.
> GET /cache/0 HTTP/1.1
> Host: origin
> User-Agent: curl/7.67.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Server: origin
< Date: Thu, 25 May 2023 15:08:57 GMT
< Connection: close
< Content-Type: application/json
< Content-Length: 162
< Cache-Control: public, max-age=0
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Credentials: true
<
{"args":{},"headers":{"Accept":"*/*","Host":"origin","User-Agent":"curl/7.67.0","X-Origin-Server":"origin"},"origin":"10.80.96.3","url":"https://origin/cache/0"}
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):
Squid access logs
[25/May/2023:15:08:57] 31 http://10.80.96.6:51028 - NONE_NONE/000 0 CONNECT http://10.80.96.68:443 tester HIER_NONE/- - - tester 746573746572 dagobah [-] - [-] - [-] - 0 0 - - [origin]
[25/May/2023:15:08:57] 40 http://10.80.96.6:51028 - TCP_TUNNEL/500 800 CONNECT origin:443 tester HIER_DIRECT/origin 10.80.96.68 - tester 746573746572 dagobah [-] - [-] - [-] - 1969 2769 4 33 [origin]
Can someone please help in this.
Regards
Sachin
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users