[squid-users] nagios check_http module being denied on transparent proxy

From: Dayo Adewunmi <contactdayo_at_gmail.com>
Date: Mon, 12 Apr 2010 09:42:12 +0100

Hi

In my squid.conf I've got 'http_port 3128 transparent', and I configured
my firewall
to forward all request from port 80 to 3128. Everything seems to be
working fine, except
for nagios. This is from the man pages of the check_http module:

"check_http v2053 (nagios-plugins 1.4.13)
Copyright (c) 1999 Ethan Galstad <nagios_at_nagios.org>
Copyright (c) 1999-2008 Nagios Plugin Development Team
        <nagiosplug-devel_at_lists.sourceforge.net>

This plugin tests the HTTP service on the specified host. It can test
normal (http) and secure (https) servers, follow redirects, search for
strings and regular expressions, check connection times, and report on
certificate expiration times.
This plugin will attempt to open an HTTP connection with the host.
 Successful connects return STATE_OK, refusals and timeouts return
STATE_CRITICAL
 other errors return STATE_UNKNOWN. Successful connects, but incorrect
reponse
 messages from the host result in STATE_WARNING return values. If you are
 checking a virtual server that uses 'host headers' you must supply the FQDN
 (fully qualified domain name) as the [host_name] argument."

The module works for all servers on the LAN, except for the squid server
(192.168.0.1) (which also happens to be the firewall server):

access.log:
12/Apr/2010:06:01:00 +0100 192.168.0.9 TCP_DENIED/400 1651 GET
error:invalid-r
      equest NONE/- text/html

cache.log:
2010/04/12 06:01:00| clientReadRequest: FD 70 (192.168.0.9:58818)
Invalid Request

If I manually run the check_http module on the nagios server (or from
any other client):
$ ./check_http -I 192.168.0.1
HTTP WARNING: HTTP/1.0 400 Bad Request

But from the squid server:
$ ./check_http -I 192.168.0.1
HTTP OK HTTP/1.0 200 OK - 965 bytes in 0.000 seconds
|time=0.000425s;;;0.000000 siz0

I've been googling around and the solutions I've been finding are people
doing things like not adding "transparent" to their http_port line, or
defining the line twice, etc. Which doesn't apply to
my case, because I check my squid.conf and the http_port line is fine.
What could be causing this HTTP issue?
Thanks

Dayo
Received on Mon Apr 12 2010 - 08:42:35 MDT

This archive was generated by hypermail 2.2.0 : Mon Apr 12 2010 - 12:00:04 MDT