RE: [squid-users] Bad Requests

Ok, this issue appears on certain (e.g. carsoup.com, ebay.com, wsca.org)
sites when Squid is sending the request to DansGuardian. I can access the
sites if I put them in my "always_direct" directive. The actual 400 error
is "page cannot be found". Anyone have any ideas? Below is a copy of my
squid.conf.

Many thanks!!
Scott
____________________________________________________________________________
___________
Ok, here is my squid.conf.mlist. I think this issue only happens when squid
forwards the requests to DansGuardian. When I put the concerned domains in
the "always_direct" directive they work fine. Here is my set up:

Client ----> Squid ----> DG ----> Mcafee Webshield ----> Internet

99.9% of the sites work just fine, except a few. DG is a new implementation
I am working on to replace all the blocking ACLs I have in squid. Do you
see anything in this config that could cause this?

http_port 3128
cache_peer e500b parent 80 0 no-query weight=10
cache_peer e500c parent 80 0 no-query weight=9
cache_peer 127.0.0.1 parent 8080 0 no-query
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 12 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 16 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy lru
memory_replacement_policy lru
cache_dir diskd /var/squid/cache0 13000 16 256
cache_access_log /usr/local/squid/var/logs/access.log
cache_store_log none
emulate_httpd_log off
log_ip_on_direct on
mime_table /usr/local/squid/etc/mime.conf
log_mime_hdrs off
debug_options ALL,1
log_fqdn off
client_netmask 255.255.255.255
diskd_program /usr/local/squid/libexec/diskd
unlinkd_program /usr/local/squid/libexec/unlinkd
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl dansubnets src "/usr/local/squid/etc/dansubnets.txt"
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl working_hours1 time D 06:00-18:00
acl working_hours2 time D 07:00-18:00
acl after_hours1 time MTWHF 18:01-23:59
acl after_hours2 time MTWHF 00:00-06:59
acl after_hours3 time AS 00:00-23:59
acl after_hours_deny_hosts src
"/usr/local/squid/etc/after_hours_deny_hosts.txt"
acl no_rest src "/usr/local/squid/etc/no_rest.txt"
acl a_vdeny urlpath_regex -i "/usr/local/squid/etc/av_deny.txt"
acl media dstdomain .windowsmedia.com
acl msnmsgr req_mime_type -i ^applicaiton/x-msn-messenger$
acl msnmsgr1 dst 207.46.110.0/24
acl msnmsgr2 dstdomain .gateway.messenger.hotmail.com
acl msnmsgr3 dstdomain .messenger.msn.com
acl msnmsgr4 dstdomain chat.msn.com
acl yahoo dstdomain .messenger.yahoo.com
acl yahoo1 dstdomain .msg.yahoo.com
acl yahoo2 dstdomain .pgq.yahoo.com
acl yahoo3 dstdomain .dcn.yahoo.com
acl yahoo4 dstdomain .chat.yahoo.com
acl yahoo5 dstdomain .profiles.yahoo.com
acl yahoo6 dstdomain .companion.yahoo.com
acl aol dstdomain .oscar.aol.com
acl aim dstdomain .aim.com
acl safe_list dstdomain "/usr/local/squid/etc/safe_list_url.txt"
acl blocked_ip dst "/usr/local/squid/etc/blocked_ip.txt"
acl blocked_keywords url_regex -i
"/usr/local/squid/etc/blocked_keywords.txt"
acl blocked_sites_police dstdomain
"/usr/local/squid/etc/blocked_sites_police.txt"
acl file_type_block urlpath_regex -i
"/usr/local/squid/etc/file_type_block.txt"
acl allow_hosts src "/usr/local/squid/etc/allow_hosts.txt"
acl blocked_sites dstdomain "/usr/local/squid/etc/blocked_sites.txt"
acl blocked_porn dstdomain "/usr/local/squid/etc/blocked_porn.txt"
acl ads_spyw dstdomain "/usr/local/squid/etc/ads_spyw.txt"
acl pwwb src "/usr/local/squid/etc/wb_allow.txt"
acl weatherbug-dot-com dstdomain .weatherbug.com
acl deny_hosts src "/usr/local/squid/etc/deny_hosts.txt"
http_access allow manager localhost
http_access deny manager
http_access allow !Safe_ports
http_access allow CONNECT !SSL_ports
http_access allow manager localhost
http_access deny after_hours_deny_hosts after_hours1
http_access deny after_hours_deny_hosts after_hours2
http_access deny after_hours_deny_hosts after_hours3
http_access allow working_hours1
http_access allow working_hours2
http_access allow after_hours1
http_access allow after_hours2
http_access allow no_rest
http_access deny a_vdeny
http_access deny media
http_access deny msnmsgr
http_access deny msnmsgr1
http_access deny msnmsgr2
http_access deny msnmsgr3
http_access deny msnmsgr4
http_access deny yahoo
http_access deny yahoo1
http_access deny yahoo2
http_access deny yahoo3
http_access deny yahoo4
http_access deny yahoo5
http_access deny yahoo6
http_access deny aol
http_access deny aim
http_access allow safe_list
http_access deny blocked_ip
http_access deny blocked_keywords
http_access deny blocked_sites_police
http_access deny file_type_block
http_access allow allow_hosts
http_access deny blocked_sites
http_access deny blocked_porn
http_access deny ads_spyw
http_access allow pwwb
http_access deny weatherbug-dot-com
http_access deny deny_hosts
http_access allow all
http_reply_access allow all
icp_access allow all
cache_peer_access 127.0.0.1 allow dansubnets
cache_peer_access e500b deny dansubnets
cache_peer_access e500c deny dansubnets
cache_peer_access e500b allow all
cache_peer_access e500c allow all
cache_mgr ISHELP
visible_hostname Squid Web Proxy Cache
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
dns_testnames netscape.com internic.net yahoo.com microsoft.com cisco.com
logfile_rotate 31
memory_pools on
memory_pools_limit 256 MB
forwarded_for on
cachemgr_passwd xxxxxxxx
store_avg_object_size 13 KB
store_objects_per_bucket 20
client_db on
acl always_direct_urls dstdomain
"/usr/local/squid/etc/always_direct_urls.txt"
acl always_direct_ips src "/usr/local/squid/etc/always_direct_ips.txt"
always_direct allow always_direct_urls
always_direct allow always_direct_ips
never_direct allow all
wccp_router xxxxxxxx
wccp_version 4
coredump_dir /usr/local/squid/var/cache0

Regards,
Scott

----------------------------------------------------------------------------
------------------------------------------------------------------------
If your squid is working normal to other sites, then it may be blocked by
Admin's there.
Post your consolidated squid.conf file ( grep -v "^#" squid.conf >
squid.conf.mlist" )
Received on Tue Sep 07 2004 - 10:12:45 MDT