Re: [squid-users] Issue with some files and templates

Hi Henrik,
Thank you for your reply

My http_port settings are

http_port 3128 vhost (note if I remove the vhost I won't be able to access
my backend server)
Here is my bit of the config
http_port 80 accel vhost defaultsite=www.mysite.org
cache_peer 192.168.1.3 parent 81 0 no-query originserver name=main
acl our_site dstdomain www.mysite.org www.mysite2.com www.mysite3.net
mysite.org
http_access allow mail_site

http_access allow our_site
cache_peer_access main allow our_site
cache_peer_access main deny all

cl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 192.168.1.0/32

#Acces conrol
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
# http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow all

http_access allow SSL_ports
http_access deny all

icp_access allow localnet
icp_access deny all

htcp_access allow localnet
htcp_access deny all
http_port 3128 vhost

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

cache_effective_user squid
visible_hostname proxy
icp_port 3130
 hosts_file /etc/hosts
coredump_dir /usr/local/squid/var/cache
********************************************************************************
I have this in my cache.log but I don't know where it's coming from

WARNING: CONNECT method received on http Accelerator port 3128
2010/04/02 06:02:02| WARNING: for request: CONNECT intlreg.aol.com:443
HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Maxthon;
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) )
Proxy-Connection: Keep-Alive
Content-Length: 0
Host: intlreg.aol.com
Pragma: no-cache

This: WARNING: for request: CONNECT intlreg.aol.com:443 HTTP/1.1 (No
Idea) not from me anyway

and this

lientProcessRequest: Invalid Request
2010/04/02 13:35:00| Failed to select source for 'http://mysite.net/'
2010/04/02 13:35:00| always_direct = 0
2010/04/02 13:35:00| never_direct = 0
2010/04/02 13:35:00| timedout = 0
2010/04/02 13:46:43| Failed to select source for
'http://81.XX.XX.XX/install.txt' ((This is my public IP)
2010/04/02 13:46:43| always_direct = 0
2010/04/02 13:46:43| never_direct = 0
2010/04/02 13:46:43| timedout = 0
2010/04/02 13:46:43| Failed to select source for
'http://XX.XX.XX.XX/cart/install.txt'
2010/04/02 13:46:43| always_direct = 0
2010/04/02 13:46:43| never_direct = 0
2010/04/02 13:46:43| timedout = 0
2010/04/02 13:46:43| Failed to select source for
'http://XX.XX.XX.XX/zencart/install.txt'
2010/04/02 13:46:43| always_direct = 0
2010/04/02 13:46:43| never_direct = 0
2010/04/02 13:46:43| timedout = 0
2010/04/02 13:46:45| Failed to select source for
'http://XX.XX.XX.XX/shop/install.txt'
2010/04/02 13:46:45| always_direct = 0
2010/04/02 13:46:45| never_direct = 0
2010/04/02 13:46:45| timedout = 0
2010/04/02 13:46:45| Failed to select source for
'http://XX.XX.XX.XX/butik/install.txt'
2010/04/02 13:46:45| always_direct = 0
2010/04/02 13:46:45| never_direct = 0
2010/04/02 13:46:45| timedout = 0
2010/04/02 13:46:45| Failed to select source for
'http://XX.XX.XX.XX/zcart/install.txt'
2010/04/02 13:46:45| always_direct = 0
2010/04/02 13:46:45| never_direct = 0
2010/04/02 13:46:45| timedout = 0
2010/04/02 13:46:46| Failed to select source for
'http://XX.XX.XX.XX/shop2/install.txt'
2010/04/02 13:46:46| always_direct = 0
2010/04/02 13:46:46| never_direct = 0
2010/04/02 13:46:46| timedout = 0
2010/04/02 13:46:46| Failed to select source for
'http://XX.XX.XX.XX/catalog/install.txt'
2010/04/02 13:46:46| always_direct = 0
2010/04/02 13:46:46| never_direct = 0
2010/04/02 13:46:46| timedout = 0
2010/04/02 13:46:46| Failed to select source for
'http://XX.XX.XX.XX/boutique/install.txt'
2010/04/02 13:46:46| always_direct = 0
2010/04/02 13:46:46| never_direct = 0
2010/04/02 13:46:46| timedout = 0
2010/04/02 13:46:50| Failed to select source for
'http://XX.XX.XX.XX/store/install.txt'
2010/04/02 13:46:50| always_direct = 0
2010/04/02 13:46:50| never_direct = 0
2010/04/02 13:46:50| timedout = 0
2010/04/02 14:24:17| WARNING: CONNECT method received on http Accelerator
port 3128
2010/04/02 14:24:17| WARNING: for request: CONNECT intlreg.aol.com:443
HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Maxthon;
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) )
Proxy-Connection: Keep-Alive
Content-Length: 0

I also checked out this link https://intlreg.aol.com where these
attempts originate from, and nobody seem to be able to locate them
checked this website belllow but no info
http://www.talkreviews.com/intlreg.aol.com
Is there a way to block this please?

And finally my access.log fills up within minutes, it is now in the size of
23, 780, 835 bytes (23.5 MB)
This is far too large, sometimes it's even difficult to empty them, as they
won't open because they are too large.
Any ideas please? I have tried the squid -k rotate but it doesn't seem to
work for the access.log

I will paste few lines from the access log, it is far too big to post
everything here:
basically the same request repeated time and time again.

access.log
1270183340.294 615 204.152.200.138 TCP_MISS/200 167 CONNECT
203.188.197.10:25 - DIRECT/203.188.197.10 -
1270183340.665 609 67.215.231.50 TCP_MISS/200 167 CONNECT
203.188.197.9:25 - DIRECT/203.188.197.9 -
1270183340.702 606 67.215.247.242 TCP_MISS/200 167 CONNECT
203.188.197.9:25 - DIRECT/203.188.197.9 -
1270183340.767 602 67.215.231.50 TCP_MISS/200 167 CONNECT
203.188.197.9:25 - DIRECT/203.188.197.9 -
1270183341.272 609 67.215.247.210 TCP_MISS/200 167 CONNECT
203.188.197.10:25 - DIRECT/203.188.197.10 -

I hope this helps
for your last questions I didn't quite understand what you meant by

"And does the requested URLs match what your origin servers expect?

For the above question, the answer is yes if it is what I understood
the bottom one I didn't understand what you meant

" > Including host component."

I hope that helps
Kinds Regards
Adam

----- Original Message -----
From: "Henrik Nordström" <henrik_at_henriknordstrom.net>
To: "Adam_at_Gmail" <adbasque_at_googlemail.com>
Cc: <squid-users_at_squid-cache.org>
Sent: Friday, April 02, 2010 7:33 PM
Subject: Re: [squid-users] Issue with some files and templates

> fre 2010-04-02 klockan 19:14 +0100 skrev Adam_at_Gmail:
>
>> Since I installed Squid, now that I can access my backend server and
>> vhosted
>> websites
>> There are a lot of things that aren't working, some links can't be
>> accessed,
>> some folders can't be opened, images, a lot of things.
>
> Can you describe your setup in a bit more detail?
>
> http_port settings?
> cache_peer settings?
> cache_peer_access settings?
>
> And what does access.log report? Does it match your expectations on what
> was requested and where Squid tried to forward it?
>
> And does the requested URLs match what your origin servers expect?
> Including host component.
>
> Regards
> Henrik
>
Received on Fri Apr 02 2010 - 19:30:31 MDT