Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [Resolved] Squid error after update 2.0-RC3 (i386) built on Tue Aug 30

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 2 Posters 13.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N Offline
      nl
      last edited by

      I receive a squid (version 2.7.9_4.1) "Invalid Request" error message, after updating to 2.0-RC3 (i386) built on Tue Aug 30 18:46:28 EDT 2011

      This is frequently due to squid's parameter "request_body_max_size" set value lower than 1 MB, but I's set to
      "request_body_max_size 0 KB" (unlimited)

      
cache.log : 
2011/08/31 15:58:55| clientTryParseRequest: FD 23 (10.0.0.9:2108) Invalid Request
2011/08/31 15:58:56| clientTryParseRequest: FD 23 (10.0.0.9:2109) Invalid Request
2011/08/31 16:05:08| clientTryParseRequest: FD 23 (10.0.0.9:2111) Invalid Request


      
access.log : 
1314799136.857      0 10.0.0.9 TCP_DENIED/400 2297 GET NONE:// - NONE/- text/html
1314799508.667      0 10.0.0.9 TCP_DENIED/400 2395 GET NONE:// - NONE/- text/html

      Squid conf  :

      Do not edit manually !

      http_port 10.0.0.10:3128
      http_port 127.0.0.1:3128
      http_port 127.0.0.1:3128 transparent
      icp_port 0

      pid_filename /var/run/squid.pid
      cache_effective_user proxy
      cache_effective_group proxy
      error_directory /usr/local/etc/squid/errors/French
      icon_directory /usr/local/etc/squid/icons
      visible_hostname Parefeu-test
      cache_mgr xxxx
      access_log /var/squid/log/access.log
      cache_log /var/squid/log/cache.log
      cache_store_log none
      logfile_rotate 7
      shutdown_lifetime 3 seconds

      Allow local network(s) on interface(s)

      acl localnet src  10.0.0.0/255.255.255.0 127.0.0.0/255.0.0.0
      forwarded_for off
      httpd_suppress_version_string on
      uri_whitespace strip

      cache_mem 256 MB
      maximum_object_size_in_memory 32 KB
      memory_replacement_policy heap GDSF
      cache_replacement_policy heap LFUDA
      cache_dir ufs /var/squid/cache 5000 16 256
      minimum_object_size 0 KB
      maximum_object_size 4096 KB
      offline_mode off
      cache_swap_low 90
      cache_swap_high 95

      No redirector configured

      Setup some default acls

      acl all src 0.0.0.0/0.0.0.0
      acl localhost src 127.0.0.1/255.255.255.255
      acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 445 3128 1025-65535
      acl sslports port 443 563 445
      acl manager proto cache_object
      acl purge method PURGE
      acl connect method CONNECT
      acl dynamic urlpath_regex cgi-bin ?
      acl unrestricted_hosts src '/var/squid/acl/unrestricted_hosts.acl'
      cache deny dynamic
      http_access allow manager localhost
       
      http_access deny manager
      http_access allow purge localhost
      http_access deny purge
      http_access deny !safeports
      http_access deny CONNECT !sslports

      Always allow localhost connections

      http_access allow localhost

      request_body_max_size 0 KB
      reply_body_max_size 0 deny all
      delay_pools 1
      delay_class 1 2
      delay_parameters 1 -1/-1 -1/-1
      delay_initial_bucket_level 100
      delay_access 1 allow all

      Custom options

      tcp_outgoing_address 127.0.0.1
      redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
      redirector_bypass on
      redirect_children 3

      These hosts do not have any restrictions

      http_access allow unrestricted_hosts

      Setup allowed acls

      Allow local network(s) on interface(s)

      http_access allow localnet

      Default block all to be sure

      http_access deny all

      1 Reply Last reply Reply Quote 0
      • N Offline
        nl
        last edited by

        I've found the problem :

        Disable loopback interface in squid and everything goes on.

        1 Reply Last reply Reply Quote 0
        • R Offline
          robo
          last edited by

          I encountered the same problem on august 30th build.  I've corrected the problem by removing middle line and restarting squid:

          http_port 10.0.0.10:3128
          http_port 127.0.0.1:3128
          http_port 127.0.0.1:3128 transparent

          Is this a bug or newly introduced feature? I've checked my old squid.conf and 2nd line wasn't present there.

          1 Reply Last reply Reply Quote 0
          • R Offline
            robo
            last edited by

            @nl:

            I've found the problem :

            Disable loopback interface in squid and everything goes on.

            I've checked my squid.conf after applying your method and I think I understand now - your fix does exactly the same thing as mine.
            Simply after adding loopback interface squid puts incorrectly
            http_port 127.0.0.1:3128
            thus disabling next line with transparent option, so it's a slight change in GUI interpretation in the latest version of squid package.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.