[squid-users] Questions on "http_access deny" and TCP_DENIED

From: Steve Snyder <swsnyder@dont-contact.us>
Date: Fri, 25 Jul 2003 06:10:18 -0700

I have a couple of questions regarding Squid (2.5S3 + patches) and
TCP_DENIED on my Linux (RedHat v7.3) system.

This is a prohibition I have in my config file:

  acl imrworldwide dstdomain .imrworldwide.com
  http_access deny imrworldwide

Below are excerpts from my log file, showing the prohibition in use. Now
my questions:

1. Why does it take so long to do the denial? I would think that the
denial would be nearly instantaneous given that no network I/O needs to be
done. The client requested a destination, that destination is disallowed,
the denial is issued to the client; end of story. The 18ms I can
understand, but times up to 930ms leave me scratching my head.

2. How does Squid know the size of the object being denied? Again, the
client has requested a prohibited domain. I wouldn't think that Squid
would even care if the domain was valid or not, let alone know the size
of the object requested.

Would someone please educate me on how Squid is doing denials?

Thanks.

-------------

1057497998.865 18 192.168.0.4 TCP_DENIED/403 1389 GET
http://server-us.imrworldwide.com/c1.js - NONE/- text/html
1057498000.262 112 192.168.0.4 TCP_DENIED/403 1407 GET
http://server-us.imrworldwide.com/cgi-bin/count? - NONE/- text/html
1057498042.562 212 192.168.0.4 TCP_DENIED/403 1389 GET
http://server-us.imrworldwide.com/c1.js - NONE/- text/html
1057498044.711 200 192.168.0.4 TCP_DENIED/403 1407 GET
http://server-us.imrworldwide.com/cgi-bin/count? - NONE/- text/html
1057498079.593 452 192.168.0.4 TCP_DENIED/403 1389 GET
http://server-us.imrworldwide.com/c1.js - NONE/- text/html
1057498081.667 386 192.168.0.4 TCP_DENIED/403 1407 GET
http://server-us.imrworldwide.com/cgi-bin/count? - NONE/- text/html
1057498219.140 930 192.168.0.4 TCP_DENIED/403 1389 GET
http://server-us.imrworldwide.com/c1.js - NONE/- text/html
1057498220.339 197 192.168.0.4 TCP_DENIED/403 1407 GET
http://server-us.imrworldwide.com/cgi-bin/count? - NONE/- text/html
1057498310.943 670 192.168.0.4 TCP_DENIED/403 1389 GET
http://server-us.imrworldwide.com/c1.js - NONE/- text/html
1057498312.743 491 192.168.0.4 TCP_DENIED/403 1407 GET
http://server-us.imrworldwide.com/cgi-bin/count? - NONE/- text/html
Received on Fri Jul 25 2003 - 07:10:26 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:17 MST