Great !
thanks a lot Amos for this quick answer.
David
Le 10/09/2010 15:17, Amos Jeffries a écrit :
> On 11/09/10 00:21, David Blaisonneau wrote:
>>
>> Hi !
>>
>> I am having trouble with my squid proxy: everything is ok, except
>> fetching the gpg signature.
>> My proxy is behind another proxy and everything should go to through it.
>> But with this request the proxy wants to go directly to the web server.
>>
>> Can someone help me please ? I have burn all my neurones to solve this
>> problem. Thanks a lot.
>>
>> The following request does not work:
>>
>> server1:~# gpg --keyserver pgpkeys.mit.edu --recv-keys C514AF8E4BA401C3
>> gpg: requesting key 4BA401C3 from hkp server pgpkeys.mit.edu
>> gpg: keyserver timed out
>> gpg: keyserver receive failed: keyserver error
>>
>> The equivalent HTTP request is not working anymore:
>>
>> server1:~# wget
>> 'http://pgpkeys.mit.edu:11371/pks/lookup?op=get&options=mr&search=0x4BA401C3'
>>
>>
>> --2010-09-10 11:35:56--
>> http://pgpkeys.mit.edu:11371/pks/lookup?op=get&options=mr&search=0x4BA401C3
>>
>> Resolving myway... 192.168.100.2
>> Connecting to myway|192.168.100.2|:3128... connected.
>> Proxy request sent, awaiting response... 504 Gateway Time-out
>> 2010-09-10 11:38:55 ERROR 504: Gateway Time-out.
>>
>> Squid logs are:
>>
>> ==> /var/log/squid/access.log <==
>> 1284122031.432 180023 192.168.100.11 TCP_MISS/504 1529 GET
>> http://pgpkeys.mit.edu:11371/pks/lookup?op=get&options=mr&search=0x4BA401C3
>>
>> - DIRECT/18.9.60.141 text/html
>>
>> ==> /var/log/squid/store.log <==
>> 1284122031.432 RELEASE -1 FFFFFFFF 2CC990F7B7B5BDA236B4C689AF96F7CE 504
>> 1284122031 -1 1284122031 text/html 1160/1160 GET
>> http://pgpkeys.mit.edu:11371/pks/lookup?op=get&options=mr&search=0x4BA401C3
>>
>>
>> What makes me perplex is this result: without parameters the HTTP
>> request is going out to the good way.
>>
>> server1:~# wget 'http://pgpkeys.mit.edu:11371
>> --2010-09-10 13:51:48-- http://pgpkeys.mit.edu:11371/
>> Resolving myway... 192.168.100.2
>> Connecting to myway|192.168.100.2|:3128... connected.
>> Proxy request sent, awaiting response... 200 OK
>> Length: unspecified [text/html]
>> Saving to: `index.html'
>>
>> [ <=> ] 1,995 --.-K/s in 0s
>>
>> 2010-09-10 13:51:53 (105 MB/s) - `index.html' saved [1995]
>>
>> Squid logs are:
>>
>> ==> /var/log/squid/access.log <==
>> 1284121918.557 245 192.168.100.11 TCP_MISS/200 2300 GET
>> http://pgpkeys.mit.edu:11371/ - FIRST_UP_PARENT/172.20.0.1 text/html
>>
>> ==> /var/log/squid/store.log <==
>> 1284121918.557 RELEASE -1 FFFFFFFF 3828411FC0C814608C64548487002F2D 200
>> 1284118339 -1 -1 text/html -1/1995 GET
>> http://pgpkeys.mit.edu:11371/
>>
>> Here is my config:
>> <snip>
>>
>> cache_peer 172.20.0.1 parent 80 0 proxy-only no-query
>>
> <snip>
>>
>> hierarchy_stoplist cgi-bin ?
>
> hierarchy_stoplist is blocking any request with "?" or "cgi-bin" in
> the URL from being passed to the peer.
>
> Squid-2.6 and earlier sent some headers that broke downstream caching
> passing dynamic stuff out to peers. If your squid is at least 2.7 or
> later its safe enough to remove.
>
> Amos
Received on Fri Sep 10 2010 - 15:51:07 MDT
This archive was generated by hypermail 2.2.0 : Fri Sep 10 2010 - 12:00:04 MDT