Hi Mark,
Sorry about the delay,
here is the info:
Mark Elsen wrote:
>> Hi,
>> I have configured a squid httpd proxy cache in intercept/transparent mode.
>>
>> The problem I have is that the boinc client from setiathome have problem
>> connecting to its server.
>>
>
> - Is boinc configured to use a http proxy (I presume it is)
>
no
> - What are the messages displayed in it's messages window,
> when the problems appear.
>
SETI@home 1 1140512261 Started upload of
18oc99aa.9079.29009.154xxxxxxxxx_1_0
SETI@home 1 1140512265 Temporarily failed upload of
18oc99aa.9079.xxxxxxxxxx8.218_1_0: error 500
> - What's in squid's access.log for thes boinc requests ?
>
1140537280.503 2062 192.168.2.90 TCP_MISS/100 123 POST
http://setiboincdata.ssl.berkeley.edu/sah_cgi/file_upload_handler -
DIRECT/66.28.250.125 -
1140537436.569 1064 192.168.2.90 TCP_MISS/100 123 POST
http://setiboincdata.ssl.berkeley.edu/sah_cgi/file_upload_handler -
DIRECT/66.28.250.125 -
1140537504.606 2054 192.168.2.90 TCP_MISS/100 123 POST
http://setiboincdata.ssl.berkeley.edu/sah_cgi/file_upload_handler -
DIRECT/66.28.250.125 -
> - Anything further in cache.log
>
no, nothing there :(
>
>> If I disable squid interception, all works fine.
>>
>
> My usual anti-interception bible , not that one of the topics mentioned
> my have bitten you :
>
>
> - Intercepting HTTP breaks TCP/IP standards because user agents
> think they are talking directly to the origin server.
> - It causes path-MTU to fail. Possibly making the website not accessible.
> - As a result for instance on older IE versions ; "reload" did not
> work as expected.
> - You can't use proxy authentication
> - You can't use IDENT lookups
> - Intercepting proxies are incompatible with IP filtering designed
> to prevent address spoofing.
> - Clients are still expected to have full Internet DNS resolving
> capabilities , when in certain Intranet/Firewalling setups , this
> is not always wanted.
> - Related to above : because of transp. proxy setup : suppose a browser
> connects to a site
> which is down.HOWEVER , due to the transparant proxying setup. It gets
> a connected state to the interceptor. The
> end user may get wrong error messages or a browser, seemingly
> doing nothing anymore.
>
mmm, didn't that interception has all this problems. I have been using
it for years in some
client's servers.
Do you know how can I debug even further?
Many thanks
Oliver
-- Oliver Schulze L. <oliver@samera.com.py>Received on Tue Feb 21 2006 - 09:13:27 MST
This archive was generated by hypermail pre-2.1.9 : Wed Mar 01 2006 - 12:00:03 MST