OK i found my mistake just one moment before you write your request :).
I´ve forgot some "/" in my squidGuard conf.
Thanks a lot to all.
I just go to bang my head on the table.
Ralph
> -----Ursprüngliche Nachricht-----
> Von: adrian.chadd_at_gmail.com [mailto:adrian.chadd_at_gmail.com] Im Auftrag
> von Adrian Chadd
> Gesendet: Mittwoch, 15. Juli 2009 07:52
> An: Jarosch, Ralph
> Cc: squid-users_at_squid-cache.org
> Betreff: Re: [squid-users] https from different Subnet not working
>
> Are you using a url rewriter program?
>
> Also, why haven't you just emailed redhat support?
>
>
>
> Adrian
>
> 2009/7/15 Jarosch, Ralph <Ralph.Jarosch_at_justiz.niedersachsen.de>:
> > I found the section which rewrite the request in my cache.log.
> >
> > Can someone explain what happens there.
> >
> > 2009/07/15 06:51:56| cbdataValid: 0x17f684f8
> > 2009/07/15 06:51:56| redirectHandleRead: {http:/golem.de
> 10.39.119.9/- - CONNECT}
> > 2009/07/15 06:51:56| cbdataValid: 0x1808d4a8
> > 2009/07/15 06:51:56| cbdataUnlock: 0x1808d4a8
> > 2009/07/15 06:51:56| clientRedirectDone: 'erv-
> justiz.niedersachsen.de:443' result=http:/golem.de
> > 2009/07/15 06:51:56| init-ing hdr: 0x1808f160 owner: 1
> > 2009/07/15 06:51:56| appending hdr: 0x1808f160 += 0x1808ec00
> > 2009/07/15 06:51:56| created entry 0x17f726f0: 'User-Agent:
> Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322;
> .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)'
> > 2009/07/15 06:51:56| 0x1808f160 adding entry: 50 at 0
> > 2009/07/15 06:51:56| created entry 0x17fcc870: 'Proxy-Connection:
> Keep-Alive'
> > 2009/07/15 06:51:56| 0x1808f160 adding entry: 41 at 1
> > 2009/07/15 06:51:56| created entry 0x17fc3190: 'Content-Length: 0'
> > 2009/07/15 06:51:56| 0x1808f160 adding entry: 14 at 2
> > 2009/07/15 06:51:56| created entry 0x17fcbd80: 'Host: erv-
> justiz.niedersachsen.de'
> > 2009/07/15 06:51:56| 0x1808f160 adding entry: 27 at 3
> > 2009/07/15 06:51:56| created entry 0x17fcc990: 'Pragma: no-cache'
> > 2009/07/15 06:51:56| 0x1808f160 adding entry: 37 at 4
> > 2009/07/15 06:51:56| 0x1808f160 lookup for 37
> > 2009/07/15 06:51:56| 0x1808f160: joining for id 37
> > 2009/07/15 06:51:56| 0x1808f160: joined for id 37: no-cache
> > 2009/07/15 06:51:56| 0x1808f160 lookup for 7
> > 2009/07/15 06:51:56| 0x1808f160 lookup for 7
> > 2009/07/15 06:51:56| 0x1808f160 lookup for 40
> > 2009/07/15 06:51:56| 0x1808f160 lookup for 52
> > 2009/07/15 06:51:56| clientInterpretRequestHeaders: REQ_NOCACHE = SET
> > 2009/07/15 06:51:56| clientInterpretRequestHeaders: REQ_CACHABLE =
> NOT SET
> > 2009/07/15 06:51:56| clientInterpretRequestHeaders: REQ_HIERARCHICAL
> = NOT SET
> > 2009/07/15 06:51:56| clientProcessRequest: CONNECT
> 'http.justiz.niedersachsen.de:443'
> > 2009/07/15 06:51:56| aclCheckFast: list: (nil)
> > 2009/07/15 06:51:56| aclCheckFast: no matches, returning: 1
> > 2009/07/15 06:51:56| sslStart: 'CONNECT
> http.justiz.niedersachsen.de:443'
> > 2009/07/15 06:51:56| comm_open: FD 58 is a new socket
> > 2009/07/15 06:51:56| fd_open FD 58 http.justiz.niedersachsen.de:443
> > 2009/07/15 06:51:56| comm_add_close_handler: FD 58, handler=0x463e31,
> data=0x1808d378
> >
> >> -----Ursprüngliche Nachricht-----
> >> Von: Jarosch, Ralph [mailto:Ralph.Jarosch_at_JUSTIZ.NIEDERSACHSEN.DE]
> >> Gesendet: Dienstag, 14. Juli 2009 11:40
> >> An: squid-users_at_squid-cache.org
> >> Betreff: AW: [squid-users] https from different Subnet not working
> >>
> >> > -----Ursprüngliche Nachricht-----
> >> > Von: adrian.chadd_at_gmail.com [mailto:adrian.chadd_at_gmail.com] Im
> >> Auftrag
> >> > von Adrian Chadd
> >> > Gesendet: Dienstag, 14. Juli 2009 11:16
> >> > An: Jarosch, Ralph
> >> > Cc: squid-users_at_squid-cache.org
> >> > Betreff: Re: [squid-users] https from different Subnet not working
> >> >
> >> > 2009/7/14 Jarosch, Ralph <Ralph.Jarosch_at_justiz.niedersachsen.de>:
> >> > > This is the latest support squid-2 version for RHEL5.3
> >> > >
> >> > > An I want to use the dnsserver
> >> >
> >> > Right. Well, besides the other posters' response about the cache
> peer
> >> > setup being a clue - you're choosing a peer based on source IP as
> far
> >> > as I can tell there - which leads me to think that perhaps that
> >> > particular cache has a problem. You didn't say which caches they
> were
> >> > in your config or error message so we can't check whether they're
> the
> >> > same or different.
> >> >
> >> Ok sorry.
> >> The current way for an website request is
> >>
> >> Client --> headproxy(10.37.132.2) --> my cache proxys
> >> (10.37.132.5/6/7/8) --> proxy off our isp --> internet
> >>
> >> The error message come from the isp proxy which tell when I request
> >> something like https://www.ebay.com
> >>
> >> The requested URL could not be retrieved
> >> -------------------------------------------------------------------
> ---
> >> ---------- While trying to retrieve the URL: http.yyy.xxx:443 The
> >> yyy.xxx is our local domain
> >> following error was encountered:
> >> Unable to determine IP address from host name for The dnsserver
> >> returned:
> >> Name Error: The domain name does not exist.
> >> This means that:
> >> The cache was not able to resolve the hostname presented in the
> URL.
> >> Check if the address is correct.
> >> Your cache administrator is webmaster.
> >> -------------------------------------------------------------------
> ---
> >> ---------- Generated Tue, 14 Jul 2009 08:10:39 GMT by xxxxxxx
> >> the answer come from the isp
> >> (squid/2.5.STABLE12)
> >>
> >> I´ve made an tcpdump between our headproxy and our cacheproxy´s an
> >> there I can see that the headproxy change the request from
> >> https//www.ebay.com to https.our.domain.com
> >>
> >>
> >>
> >> > But since yo'ure using a supported squid for RHEL5.3, why don't
> you
> >> > contact Redhat for support? That is why you're paying them for.
> >> >
> >> >
> >> > adrian
> >
> >
Received on Wed Jul 15 2009 - 05:56:52 MDT
This archive was generated by hypermail 2.2.0 : Wed Jul 15 2009 - 12:00:03 MDT