[squid-users] Zero Sized Reply

Amos Jeffries squid3 at treenet.co.nz
Thu Aug 27 19:03:58 UTC 2015


On 28/08/2015 5:49 a.m., Jorgeley Junior wrote:
> Amos, thank you so much for attention, but sorry, I didn't understand what
> you said.

Nevermind. The website code is broken.

I have been looking into it from here using those request headers from
your log.

What I see happening is that the server starts responding. Then the PHP
code it is running hangs for a very long time. If you wait long enough
it will pop out part of a page and a PHP error message about its
database connection script and some timeout.

The best I could get was over a minute (78 seconds) delay before
anything at all happened. Usually a bit longer.

I think something in your network is terminating the server connection
after it takes too long. NAT and high speed router systems tend to have
a 30 second maximum wait between TCP packets before they close the
connection.

Either way the website server itself is very broken.


> So, I tried to change the http for https and it showed the website and i
> added the security exception for no trusted certificate, but I really would
> like that the squid didn't show the error.
> Why http show de Zero Sized Reply and https no?

Different protocols and ports.

I still see the same delays, partial page and database errors when
connecting with HTTPS. But kept digging to see why you might be getting
a page...

It seems to be an IPv6 server sitting behind some form of gateway access
network and only pretending to be IPv4-only. When sending it a
X-Forwarded-For header claiming to be an IPv6-enabled browser it seems
to operate just fine.

So, try adding this to your squid.conf:

 acl magicXff dstdomain .grupoatuall.com.br
 request_header_access X-Forwarded-For deny magicXff
 request_header_replace X-Forwarded-For ::1


Amos



More information about the squid-users mailing list