Re: [squid-users] Re: Squid operation issues

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 28 Feb 2014 11:30:54 +1300

On 2014-02-28 06:02, Mohamad Saeed wrote:
> thank you for your replay
>
> recently i found that when traffic fall down the cache.log have so
> many lines like this
>
> {Accept: */*
> Content-Type: application/x-www-form-urlencoded
> 2014/02/27 18:49:04| WARNING: HTTP header contains NULL characters
> {Accept: */*
> Content-Type: application/x-www-form-urlencoded}
> NULL
>
>
> what should be the problem ?

It is a badly written software
  http://wiki.squid-cache.org/KnowledgeBase/UnparseableHeader

This particular case the sender is adding a custom Content-Type which
includes a NULL (\0 or 0x00) byte. It should be sending LF byte with CR
or a charset label first. We can tell what it should be because we know
the mime type but Squid cannot.

Squid is dropping the request. It should also be dropping the
connection. If this is happening a lot at once there may be some
slowdown while new connections are setup and the sockets cycle through
TCP CLOSE_WAIT state.

It could be the client UA or a script on the website visited. Please
note the details and inform the relevant people to get the sender
software fixed.

Amos

>
> On 02/24/2014 04:40 PM, Mohamad Saeed wrote:
>> Hi all,
>>
>> I'm using squid on a 100Mbps ISP with about 5,000 users.
>>
>> I have an Intel Xeon processor-machine, with 8GB of RAM and 500
>> of HD for the cache.
>>
>> Squid usually work fine and the memory is OK ,but thetraffic full down
>> Frequently then it back to normal state .
>>
>>
>> all my server resources are in best stat because i don't cache any
>> thing .
>>
>> this is my squid.conf snapshot :
>>
>> logfile_rotate 0
>>
>> url_rewrite_program /usr/bin/squidGuard
>> url_rewrite_children 192 startup=150 idle=10 concurrency=0
>> redirector_bypass on
>>
>> http_port 8080
>> http_port 3129 tproxy
>> http_port 3127 intercept
>>
>>
>> wccp2_router x.x.x.x
>> wccp2_forwarding_method 2
>> wccp2_return_method 2
>> wccp2_assignment_method mask
>> wccp2_service dynamic 80
>> wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240
>> ports=80
>> wccp2_service dynamic 90
>> wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source
>> priority=240 ports=80
>> wccp2_rebuild_wait on
>> wccp_version 4
>>
>> cache deny all
>> cache_log /dev/null
>>
>>
>> Do you have any idea or any other data I can collect to try and
>> track down this?
>>
>>
>> thanks regards,
Received on Thu Feb 27 2014 - 22:30:59 MST

This archive was generated by hypermail 2.2.0 : Fri Feb 28 2014 - 12:00:06 MST