[Resolved] Squid error after update 2.0-RC3 (i386) built on Tue Aug 30

  • I receive a squid (version 2.7.9_4.1) "Invalid Request" error message, after updating to 2.0-RC3 (i386) built on Tue Aug 30 18:46:28 EDT 2011

    This is frequently due to squid's parameter "request_body_max_size" set value lower than 1 MB, but I's set to
    "request_body_max_size 0 KB" (unlimited)

    cache.log : 
    2011/08/31 15:58:55| clientTryParseRequest: FD 23 ( Invalid Request
    2011/08/31 15:58:56| clientTryParseRequest: FD 23 ( Invalid Request
    2011/08/31 16:05:08| clientTryParseRequest: FD 23 ( Invalid Request
    access.log : 
    1314799136.857      0 TCP_DENIED/400 2297 GET NONE:// - NONE/- text/html
    1314799508.667      0 TCP_DENIED/400 2395 GET NONE:// - NONE/- text/html

    Squid conf  :

    Do not edit manually !

    http_port transparent
    icp_port 0

    pid_filename /var/run/squid.pid
    cache_effective_user proxy
    cache_effective_group proxy
    error_directory /usr/local/etc/squid/errors/French
    icon_directory /usr/local/etc/squid/icons
    visible_hostname Parefeu-test
    cache_mgr xxxx
    access_log /var/squid/log/access.log
    cache_log /var/squid/log/cache.log
    cache_store_log none
    logfile_rotate 7
    shutdown_lifetime 3 seconds

    Allow local network(s) on interface(s)

    acl localnet src
    forwarded_for off
    httpd_suppress_version_string on
    uri_whitespace strip

    cache_mem 256 MB
    maximum_object_size_in_memory 32 KB
    memory_replacement_policy heap GDSF
    cache_replacement_policy heap LFUDA
    cache_dir ufs /var/squid/cache 5000 16 256
    minimum_object_size 0 KB
    maximum_object_size 4096 KB
    offline_mode off
    cache_swap_low 90
    cache_swap_high 95

    No redirector configured

    Setup some default acls

    acl all src
    acl localhost src
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 445 3128 1025-65535
    acl sslports port 443 563 445
    acl manager proto cache_object
    acl purge method PURGE
    acl connect method CONNECT
    acl dynamic urlpath_regex cgi-bin ?
    acl unrestricted_hosts src '/var/squid/acl/unrestricted_hosts.acl'
    cache deny dynamic
    http_access allow manager localhost
    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !safeports
    http_access deny CONNECT !sslports

    Always allow localhost connections

    http_access allow localhost

    request_body_max_size 0 KB
    reply_body_max_size 0 deny all
    delay_pools 1
    delay_class 1 2
    delay_parameters 1 -1/-1 -1/-1
    delay_initial_bucket_level 100
    delay_access 1 allow all

    Custom options

    redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
    redirector_bypass on
    redirect_children 3

    These hosts do not have any restrictions

    http_access allow unrestricted_hosts

    Setup allowed acls

    Allow local network(s) on interface(s)

    http_access allow localnet

    Default block all to be sure

    http_access deny all

  • I've found the problem :

    Disable loopback interface in squid and everything goes on.

  • I encountered the same problem on august 30th build.  I've corrected the problem by removing middle line and restarting squid:

    http_port transparent

    Is this a bug or newly introduced feature? I've checked my old squid.conf and 2nd line wasn't present there.

  • @nl:

    I've found the problem :

    Disable loopback interface in squid and everything goes on.

    I've checked my squid.conf after applying your method and I think I understand now - your fix does exactly the same thing as mine.
    Simply after adding loopback interface squid puts incorrectly
    thus disabling next line with transparent option, so it's a slight change in GUI interpretation in the latest version of squid package.

Log in to reply