[Resolved] Squid error after update 2.0-RC3 (i386) built on Tue Aug 30
-
I receive a squid (version 2.7.9_4.1) "Invalid Request" error message, after updating to 2.0-RC3 (i386) built on Tue Aug 30 18:46:28 EDT 2011
This is frequently due to squid's parameter "request_body_max_size" set value lower than 1 MB, but I's set to
"request_body_max_size 0 KB" (unlimited)cache.log : 2011/08/31 15:58:55| clientTryParseRequest: FD 23 (10.0.0.9:2108) Invalid Request 2011/08/31 15:58:56| clientTryParseRequest: FD 23 (10.0.0.9:2109) Invalid Request 2011/08/31 16:05:08| clientTryParseRequest: FD 23 (10.0.0.9:2111) Invalid Request
access.log : 1314799136.857 0 10.0.0.9 TCP_DENIED/400 2297 GET NONE:// - NONE/- text/html 1314799508.667 0 10.0.0.9 TCP_DENIED/400 2395 GET NONE:// - NONE/- text/html
Squid conf :
Do not edit manually !
http_port 10.0.0.10:3128
http_port 127.0.0.1:3128
http_port 127.0.0.1:3128 transparent
icp_port 0pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/French
icon_directory /usr/local/etc/squid/icons
visible_hostname Parefeu-test
cache_mgr xxxx
access_log /var/squid/log/access.log
cache_log /var/squid/log/cache.log
cache_store_log none
logfile_rotate 7
shutdown_lifetime 3 secondsAllow local network(s) on interface(s)
acl localnet src 10.0.0.0/255.255.255.0 127.0.0.0/255.0.0.0
forwarded_for off
httpd_suppress_version_string on
uri_whitespace stripcache_mem 256 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir ufs /var/squid/cache 5000 16 256
minimum_object_size 0 KB
maximum_object_size 4096 KB
offline_mode off
cache_swap_low 90
cache_swap_high 95No redirector configured
Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 445 3128 1025-65535
acl sslports port 443 563 445
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin ?
acl unrestricted_hosts src '/var/squid/acl/unrestricted_hosts.acl'
cache deny dynamic
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslportsAlways allow localhost connections
http_access allow localhost
request_body_max_size 0 KB
reply_body_max_size 0 deny all
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow allCustom options
tcp_outgoing_address 127.0.0.1
redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
redirector_bypass on
redirect_children 3These hosts do not have any restrictions
http_access allow unrestricted_hosts
Setup allowed acls
Allow local network(s) on interface(s)
http_access allow localnet
Default block all to be sure
http_access deny all
-
I've found the problem :
Disable loopback interface in squid and everything goes on.
-
I encountered the same problem on august 30th build. I've corrected the problem by removing middle line and restarting squid:
http_port 10.0.0.10:3128
http_port 127.0.0.1:3128
http_port 127.0.0.1:3128 transparentIs this a bug or newly introduced feature? I've checked my old squid.conf and 2nd line wasn't present there.
-
@nl:
I've found the problem :
Disable loopback interface in squid and everything goes on.
I've checked my squid.conf after applying your method and I think I understand now - your fix does exactly the same thing as mine.
Simply after adding loopback interface squid puts incorrectly
http_port 127.0.0.1:3128
thus disabling next line with transparent option, so it's a slight change in GUI interpretation in the latest version of squid package.