On 12/12/2012 09:44 AM, Sébastien WENSKE wrote:
> Eliezer,
>
> I'm running Debian 6 with a 3.6.9 kernel, Shorewall is v4.5.9.3 and Squid 3.2.3 (I had some troubles to compile 3.2.4)
>
> Indeed, "just these to 100Mbit connection" is what I need:)
Hey Sébastien,
It seems like a bug to me but just to make sure we need to check couple
things.
When these requests are being made make sure that in the CONNECT there
is no IP in the log but the actual domain name such as:
CONNECT www.google.com
and not CONNECT ip.address.what.so
The next step is to verify that the acls recognize the request dstdomain.
You can either use the acls debug_options which suppose to be 28.
debug_options ALL,1 28,3
will be basic to make sure the requests are being verified by the acl.
If you can use 28,6 it can help with even more details but in most cases
not needed.
The above will provide a lot output in production machines so make sure
to run small instance for testing or another machine.
When you have the above information please do two things:
File a bug in the squid bugzilla with as much details you can get on the
bug and notice that logs can be attached as txt files.
Send the basic description to the squid-dev mailing list.
All the above will help to speed up the a bug fix and bug tracing.
Maybe even one of the developers knows about it already or can give you
a test patch.
Regards,
Eliezer
Received on Wed Dec 12 2012 - 15:33:01 MST
This archive was generated by hypermail 2.2.0 : Thu Dec 13 2012 - 12:00:04 MST