[squid-users] Uploading files

From: Gerwin van de Steeg <gerwin@dont-contact.us>
Date: Fri, 8 Oct 2004 13:37:31 +1300

Folks,

Having a problem uploading files through squid. Similar to that posted
by Jose Costa on Mon, 4 Oct 2004
However it is not a webmail but related to equipment warranties.

< Internet > -- (dmz firewall) -- (lan firewall) -- [LAN] -- <squid
server>
                                                       |
                                                       \____
<workstation>

When accessing the site through squid it fails in certain situations,
but when accessing the page directly (bypassing squid) it works
perfectly.
The situation where squid fails is when the file being uploaded exceeds
3KB (I presume this will be 3 KB and a bit + the document header to a
total of 4KB).
I've checked the config file and found two entries relating to this.

<-- snip - extract from squid.conf -->

# TAG: request_header_max_size (KB)
# This specifies the maximum size for HTTP headers in a request.
# Request headers are usually relatively small (about 512 bytes).
# Placing a limit on the request header size will catch certain
# bugs (for example with persistent connections) and possibly
# buffer-overflow or denial-of-service attacks.
#
#Default:
request_header_max_size 10 KB
#request_header_max_size 40960 KB # tried this one

# TAG: request_body_max_size (KB)
# This specifies the maximum size for an HTTP request body.
# In other words, the maximum size of a PUT/POST request.
# A user who attempts to send a request with a body larger
# than this limit receives an "Invalid Request" error message.
# If you set this parameter to a zero (the default), there will
# be no limit imposed.
#
#Default:
request_body_max_size 0 KB
#request_body_max_size 40960 KB # tried this one

<-- snip -->

I've tried (as previously stated) to increase these values to 40 MB
(40960 KB) which has led to no change in behaviour. I have an evil hack
workaround for each of the affected workstations but it's uglee and I'd
like to use squid instead of bypassing.

I've tried to access the page with squid set to debugging (ALL,9) and
have looked at this info, but can't make out exactly where the problem
occurs. It passes all the defined ACL's.

Gerwin van de Steeg
CTS Hamilton North
New Zealand

NB: Further information follows

[root@mta]$ squid -v
Squid Cache: Version 2.5.STABLE1
...

<-- snip -->

Red Hat Linux release 9 (Shrike)
squid-2.5.STABLE1-3.9

<-- snip -->

ERROR
The requested URL could not be retrieved

------------------------------------------------------------------------
--------

While trying to retrieve the URL:
http://ce.hhi.co.kr/as-file/DEXT/attach_claim.asp

The following error was encountered:

Write Error
The system returned:

    (104) Connection reset by peerAn error condition occurred while
writing to the network. Please retry your request.

<-- snip - access.log exerpt -->

1097108334.546 42 server.domain.porter.co.nz TCP_MISS/500 1478 POST
http://ce.hhi.co.kr/as-file/DEXT/attach_claim.asp - DIRECT/2
11.193.197.26 text/html [Accept: image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, application/x-shockwave-flash, application/vnd
.ms-excel, application/msword, */*\r\nReferer:
http://ce.hhi.co.kr/as-file/DEXT/delivery.asp?p_uflag=3&p_key=\r\nAccept
-Language: en
-nz\r\nContent-Type: multipart/form-data;
boundary=---------------------------7d41e0364801c4\r\nProxy-Connection:
Keep-Alive\r\nUser
-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\nHost:
ce.hhi.co.kr\r\nContent-Length: 5290487\r\nPragma: no-cache\r\nC
ookie: DEXTUpload=ProgressID=68;
ASPSESSIONIDQSBRRRTR=FLGFBBKBFENIFKNPEAFKJPBA\r\n] [HTTP/1.0 500
Internal Server Error\r\nServer: s
quid/2.5.STABLE1\r\nMime-Version: 1.0\r\nDate: Thu, 07 Oct 2004 00:18:54
GMT\r\nContent-Type: text/html\r\nContent-Length: 1158\r\nE
xpires: Thu, 07 Oct 2004 00:18:54 GMT\r\nX-Squid-Error: ERR_WRITE_ERROR
104\r\n\r]

<-- snip - cache.log exerpt, debug ALL,9 -->

...
2004/10/07 13:18:54| httpReadReply: FD 11: len 0.
2004/10/07 13:18:54| fwdFail: ERR_ZERO_SIZE_OBJECT "Service Unavailable"
        http://ce.hhi.co.kr/as-file/DEXT/show_progress.asp?nav=ie
2004/10/07 13:18:54| comm_close: FD 11
...
2004/10/07 13:18:54| commHandleWrite: FD 17: off 0, sz 4095.
2004/10/07 13:18:54| commHandleWrite: write() returns -1
2004/10/07 13:18:54| commHandleWrite: FD 17: write failure: (104)
Connection reset by peer.
2004/10/07 13:18:54| cbdataValid: 0x8bc0100
2004/10/07 13:18:54| httpSendRequestEntry: FD 17: size 0: errflag -1.
2004/10/07 13:18:54| storeLockObject: key
'427A75648AC235233250E172C00AF496' count=4
2004/10/07 13:18:54| creating rep: 0x8c689d8
2004/10/07 13:18:54| init-ing hdr: 0x8c68a14 owner: 2
2004/10/07 13:18:54| 0x8c68a14 lookup for 37
2004/10/07 13:18:54| 0x8c68a14 lookup for 9
2004/10/07 13:18:54| 0x8c68a14 lookup for 21
2004/10/07 13:18:54| errorConvert: %U -->
'http://ce.hhi.co.kr/as-file/DEXT/attach_claim.asp'
Received on Thu Oct 07 2004 - 18:25:27 MDT

This archive was generated by hypermail pre-2.1.9 : Mon Nov 01 2004 - 12:00:01 MST