[squid-users] Wrong IP number inserted into Forwarded-For header

From: Richard Barrett <R.Barrett@dont-contact.us>
Date: Tue, 30 Apr 2002 19:49:40 +0100

I've looked in both bugzilla and list archives without finding anything on
this. Any advice, pointers would be much appreciated.

I'm running squid-2.4.STABLE6 on RedHat 7.1 - Linux kernel 2.4.7-10

I'm using Squid as a transparent proxy in our firewall's DMZ to our Apache
server inside the firewall.

I have what appears to be clear evidence from collating Squid and Apache
access log entries that, at times, Squid is putting an incorrect IP number
in the Forwarded-For header it includes in the HTTP requests it makes to
the Apache server. At times, Squid is logging the IP number of the incoming
connections but inserting a different IP number in the Forwarded-For header.

The incorrect IP numbers in the Forwarded-For headers are those of other
clients shown in the Squid logs as connecting to Squid about the same time
in order to access different URLs.

In the most stark and convincing example of this problem to date we had a
rogue client out there in internet land that was serially making requests
to Squid for the same URL at the rate of around 2 requests per second. For
the period this continued, and some 1700+ requests were made by this client
in around 15 minutes, a minimum of 48 requests passed on to Apache had the
IP number of this rogue client wrongly attributed to them in the
Forwarded-For header.

To me this smacks of a bug in dynamically allocated buffer handling in a
multi-threaded environment with the wheels coming off with higher load. But
what do I know; I'm new to Squid and unfamiliar with its source code right now.

Is this a known bug with squid-2.4.STABLE6 or was it encountered in any
previous versions? Anyone know of a cure for it? Any practical suggestions?

Thanks for any help you can offer
Received on Tue Apr 30 2002 - 12:49:46 MDT
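
The log collation described in the message above can be scripted. The following is an added example, not code from the original post or from the Squid project. It assumes Squid's native access.log format and a hypothetical Apache LogFormat of `%h %t "%r" %>s "%{X-Forwarded-For}i"`; the sample log lines and addresses are constructed.

```python
import re
from datetime import datetime
from urllib.parse import urlsplit

# Constructed sample logs (documentation-range addresses), not from the post.
SQUID_LOG = """\
1020192580.412     38 203.0.113.7 TCP_MISS/200 1532 GET http://www.example.com/a.html - DIRECT/10.0.0.5 text/html
1020192580.655     41 198.51.100.9 TCP_MISS/200 2210 GET http://www.example.com/b.html - DIRECT/10.0.0.5 text/html
1020192581.102     35 203.0.113.7 TCP_MISS/200 1532 GET http://www.example.com/a.html - DIRECT/10.0.0.5 text/html
"""
# Assumed Apache LogFormat: %h %t "%r" %>s "%{X-Forwarded-For}i"
APACHE_LOG = """\
10.0.0.2 [30/Apr/2002:19:49:40 +0100] "GET /a.html HTTP/1.0" 200 "203.0.113.7"
10.0.0.2 [30/Apr/2002:19:49:40 +0100] "GET /b.html HTTP/1.0" 200 "203.0.113.7"
10.0.0.2 [30/Apr/2002:19:49:41 +0100] "GET /a.html HTTP/1.0" 200 "203.0.113.7"
"""
SQUID_RE = re.compile(r"^(\d+\.\d+)\s+\d+\s+(\S+)\s+\S+\s+\d+\s+(\S+)\s+(\S+)")
APACHE_RE = re.compile(r'^\S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" \d+ "([^"]*)"')

def parse_squid(text):
    """Return (epoch, client_ip, method, path) for each native access.log line."""
    out = []
    for line in text.splitlines():
        m = SQUID_RE.match(line)
        if m:
            ts, client, method, url = m.groups()
            u = urlsplit(url)
            path = u.path + ("?" + u.query if u.query else "")
            out.append((float(ts), client, method, path))
    return out

def find_mismatches(squid_text, apache_text, window=2.0):
    """Flag Apache entries whose forwarded IP matches no Squid client that
    requested the same method and path within `window` seconds."""
    squid = parse_squid(squid_text)
    flagged = []
    for line in apache_text.splitlines():
        m = APACHE_RE.match(line)
        if not m:
            continue
        when, method, path, xff = m.groups()
        ts = datetime.strptime(when, "%d/%b/%Y:%H:%M:%S %z").timestamp()
        claimed = xff.split(",")[-1].strip()  # last entry is the one the proxy appended
        seen = {c for t, c, me, p in squid
                if me == method and p == path and abs(t - ts) <= window}
        if seen and claimed not in seen:
            flagged.append((path, claimed, sorted(seen)))
    return flagged
```

Entries with no Squid request for the same URL inside the window are skipped rather than flagged, so the window has to cover the gap between Apache's request timestamp and Squid's completion timestamp.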
