Re: [squid-users] URL access problem

Does it work if you configure your browser to use the proxy instead of
transparent interception?

But I would guess this is a DNS issue. The h20000.www2.hp.com DNS name
uses extremely low DNS TTL setting (1 minute only, way way way below the
recommended minimum setting) so any slightest problems or timeouts with
DNS is likely to cause the site to be unknown when most other works just
fine..

Regards
Henrik

Cleiton Peres Reis wrote:
>
> Hi Fellows,
>
> I am having some problems with my Web access using Squid.
> All machines on my LAN can access normally de websites trough
> the squid, but the some URL's cannot be had accessed by no
> machine of my LAN without no apparent reason. It appears the
> message of "URL not found". Outside of my LAN the URL is had
> access normally.
>
> The URL that I am having problems is : http://netserver.hp.com
> in link "Technical Support" exists a redir for the link :
> http://h20000.www2.hp.com/bizsupport/TechSupport/Product.jsp?prodTypeId=15351&locale=en_US&taskId=135
>
> In my /var/log/access.log appears only the msg's of access for
> the "netserver.hp.com" URL, and nothing about "h20000.www2.hp.com"
> when I try to access the described link appear the message that I said.
>
> here is a part from my /var/log/access.log:
>
> ### START OF ACCESS.LOG ####
>
> 1042561612.139 2241 192.168.0.183 TCP_REFRESH_HIT/200 366 GET http://netserver.hp.com/images/corners/tr_navcorner_20.gif - DIRECT/192.151.53.122 image/gif
> 1042561616.871 2546 192.168.0.183 TCP_REFRESH_HIT/200 368 GET http://netserver.hp.com/images/corners/bl_navcorner_20.gif - DIRECT/192.151.53.59 image/gif
> 1042561617.851 2178 192.168.0.183 TCP_REFRESH_HIT/200 1446 GET http://netserver.hp.com/images/idea_units/powered_by_hp.gif - DIRECT/192.151.53.59 image/gif
> 1042561618.516 1637 192.168.0.183 TCP_REFRESH_HIT/200 342 GET http://netserver.hp.com/images/arrows/a_ff9900.gif - DIRECT/192.151.53.122 image/gif
> 1042561619.878 5549 192.168.0.183 TCP_REFRESH_HIT/200 366 GET http://netserver.hp.com/images/corners/br_navcorner_20.gif - DIRECT/192.151.53.122 image/gif
> 1042561620.997 3131 192.168.0.183 TCP_REFRESH_HIT/200 349 GET http://netserver.hp.com/images/corners/tl_corner_10.gif - DIRECT/192.151.53.59 image/gif
> 1042561621.000 2483 192.168.0.183 TCP_REFRESH_HIT/200 350 GET http://netserver.hp.com/images/corners/tr_corner_10.gif - DIRECT/192.151.53.122 image/gif
> 1042561625.108 3196 192.168.0.183 TCP_REFRESH_HIT/200 342 GET http://netserver.hp.com/images/arrows/a_336699.gif - DIRECT/192.151.53.122 image/gif
> 1042561627.489 7550 192.168.0.183 TCP_REFRESH_HIT/200 342 GET http://netserver.hp.com/images/arrows/a_6699cc.gif - DIRECT/192.151.53.59 image/gif
> 1042561628.426 2462 192.168.0.183 TCP_REFRESH_HIT/200 348 GET http://netserver.hp.com/images/corners/bl_corner_10.gif - DIRECT/192.151.53.59 image/gif
> 1042561628.702 1944 192.168.0.183 TCP_REFRESH_HIT/200 348 GET http://netserver.hp.com/images/corners/br_corner_10.gif - DIRECT/192.151.53.122 image/gif
> 1042561630.284 1732 192.168.0.183 TCP_REFRESH_HIT/200 342 GET http://netserver.hp.com/images/arrows/a_cc6633.gif - DIRECT/192.151.53.59 image/gif
> 1042561637.909 67420 192.168.0.183 TCP_MISS/200 55783 GET http://netserver.hp.com/ - DIRECT/192.151.53.122 text/html
> 1042561640.022 2644 192.168.0.183 TCP_REFRESH_HIT/200 342 GET http://netserver.hp.com/images/arrows/a_993300.gif - DIRECT/192.151.53.122 image/gif
>
> ### END OF ACCESS.LOG ####
>
> I have a LAN accessing the Internet (WEB) trough a gateway
> using (Squid + Iptables):
> SQUID - 2.4.7
> kernel - 2.4.18
> glib - 1.2.10
> glibc - 2.2.4
> My gateway has 2 (two) NIC's - eth0 ( Public IP ) 200.xxx.xxx.xxx
> eth1 ( Private IP ) 192.xxx.xxx.xxx CLASS C
> The Iptables Rule is :
> ####
> iptables -t nat -A PREROUTING -s 192.168.0.0/16 -d 0/0 -p tcp --dport 80 \
> -j REDIRECT --to-port 3128
>
> iptables -t nat -A PREROUTING -s 192.168.0.0/16 -d 0/0 -p tcp --dport 80 \
> -j REDIRECT --to-port 3128
> ###
>
> My SQUID has a classic configuration with ACL's allow and deny :
>
> http_access allow
> http_access deny
>
> including a "badword" file with a list of forbiden words.
>
> what it can be wrong ?
>
> grateful for the attention
>
> --
>
> Cleiton P Reis
> Catholic University of Pelotas
> Computer Science D.
>
> nothing it is stronger than the heart of a volunteer
> -Cel Dolitle
Received on Tue Jan 14 2003 - 15:02:21 MST