[squid-users] mail upload problem
vivek singh
itpc.vivek at gmail.com
Fri Dec 4 14:07:55 UTC 2015
I accept http://download.newnext.me/spark.bin to be a virus redirection,
but not sure, and dint understand how it is so, i have checked the computer
for any unwanted third party and were not found.
*Thanks and RegardsVivek Kumar SinghMobile +918902000538*
On Fri, Dec 4, 2015 at 7:11 PM, vivek singh <itpc.vivek at gmail.com> wrote:
> please find below the access log while problem occur
> 1449226819.307: 0: TCP_DENIED/403: 4089: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226828.671: 249222: TCP_TUNNEL/200: 6610: CONNECT:
> clients2.google.com:443: -: HIER_DIRECT/216.58.196.110
> 1449226829.308: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226839.323: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226849.216: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226859.119: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226868.917: 0: TCP_DENIED/403: 4088: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226878.635: 0: TCP_DENIED/403: 4089: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226888.391: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226898.104: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226907.951: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226917.685: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226927.463: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226937.162: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226947.042: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226956.901: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226966.745: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226976.559: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226986.260: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449226996.214: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227006.198: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227016.198: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227026.184: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227036.072: 0: TCP_DENIED/403: 4089: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227042.281: 791782: TCP_TUNNEL/200: 5014: CONNECT:
> mtalk.google.com:443: -: HIER_DIRECT/74.125.130.188
> 1449227042.537: 714649: TCP_TUNNEL/200: 7775: CONNECT: play.google.com:443:
> -: HIER_DIRECT/216.58.196.110
> 1449227042.537: 68131: TCP_TUNNEL/200: 5813: CONNECT:
> lh3.googleusercontent.com:443: -: HIER_DIRECT/216.58.196.97
> 1449227042.538: 70423: TCP_TUNNEL/200: 2303: CONNECT: apis.google.com:443:
> -: HIER_DIRECT/216.58.196.110
> 1449227042.538: 184079: TCP_TUNNEL/200: 698: CONNECT: csi.gstatic.com:443:
> -: HIER_DIRECT/216.58.211.3
> 1449227042.539: 190277: TCP_TUNNEL/200: 3353: CONNECT: ssl.gstatic.com:443:
> -: HIER_DIRECT/216.58.196.99
> 1449227042.539: 143474: TCP_TUNNEL/200: 723: CONNECT:
> clients5.google.com:443: -: HIER_DIRECT/216.58.196.110
> 1449227042.539: 142248: TCP_TUNNEL/200: 5317: CONNECT:
> clients5.google.com:443: -: HIER_DIRECT/216.58.196.110
> 1449227042.540: 165512: TCP_TUNNEL/200: 1107: CONNECT:
> clients1.google.com:443: -: HIER_DIRECT/216.58.196.110
> 1449227042.540: 188929: TCP_TUNNEL/200: 7668: CONNECT: plus.google.com:443:
> -: HIER_DIRECT/216.58.196.110
> 1449227042.540: 388342: TCP_TUNNEL/200: 4996: CONNECT:
> clients6.google.com:443: -: HIER_DIRECT/216.58.196.110
> 1449227042.540: 396197: TCP_TUNNEL/200: 2101: CONNECT: www.google.com:443:
> -: HIER_DIRECT/216.58.196.100
> 1449227042.542: 106590: TCP_TUNNEL/200: 575: CONNECT:
> clients2.google.com:443: -: HIER_DIRECT/216.58.196.110
> 1449227042.542: 88135: TCP_TUNNEL/200: 963: CONNECT: play.google.com:443:
> -: HIER_DIRECT/216.58.196.110
> 1449227042.543: 6778: TCP_TUNNEL/200: 60202: CONNECT: www.google.co.in:443:
> -: HIER_DIRECT/216.58.196.99
> 1449227042.543: 786962: TCP_TUNNEL/200: 16071: CONNECT:
> 0.client-channel.google.com:443: -: HIER_DIRECT/74.125.200.189
> 1449227042.544: 6709: TCP_TUNNEL/200: 234: CONNECT: www.google.co.in:443:
> -: HIER_DIRECT/216.58.196.99
> 1449227042.544: 6630: TCP_TUNNEL/200: 234: CONNECT: www.google.co.in:443:
> -: HIER_DIRECT/216.58.196.99
> 1449227042.544: 6399: TCP_TUNNEL/200: 234: CONNECT: www.google.co.in:443:
> -: HIER_DIRECT/216.58.196.99
> 1449227045.855: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227055.855: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227065.855: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227075.855: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227085.855: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227095.855: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227105.855: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227115.855: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227125.855: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227135.855: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227145.855: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227155.855: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227165.855: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227175.855: 0: TCP_DENIED/403: 4091: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227185.855: 0: TCP_DENIED/403: 4089: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227195.855: 0: TCP_DENIED/403: 4089: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227196.494: 0: TCP_DENIED/403: 3964: CONNECT: mtalk.google.com:5228:
> -: HIER_NONE/-
> 1449227196.503: 0: TCP_DENIED/403: 3964: CONNECT: mtalk.google.com:5228:
> -: HIER_NONE/-
> 1449227205.589: 0: TCP_DENIED/403: 4089: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227207.642: 10969: TCP_TUNNEL/200: 4053: CONNECT:
> www.googleapis.com:443: -: HIER_DIRECT/216.58.197.42
> 1449227207.643: 10970: TCP_TUNNEL/200: 4053: CONNECT:
> www.googleapis.com:443: -: HIER_DIRECT/216.58.197.42
> 1449227215.671: 0: TCP_DENIED/403: 4090: GET:
> http://download.newnext.me/spark.bin?: -: HIER_NONE/-
> 1449227215.935: 504: TCP_TUNNEL/200: 0: CONNECT: hangouts.google.com:443:
> -: HIER_DIRECT/216.58.196.110
> 1449227216.850: 10806: TCP_TUNNEL/200: 4045: CONNECT: ssl.gstatic.com:443:
> -: HIER_DIRECT/216.58.196.99
> 1449227217.642: 11363: TCP_TUNNEL/200: 4770: CONNECT: plus.google.com:443:
> -: HIER_DIRECT/216.58.196.110
> 1449227217.642: 13636: TCP_TUNNEL/200: 3993: CONNECT: ssl.gstatic.com:443:
> -: HIER_DIRECT/216.58.196.99
>
>
>
>
>
> *Thanks and RegardsVivek Kumar SinghMobile +918902000538*
>
> On Fri, Dec 4, 2015 at 12:32 PM, Yuri Voinov <yvoinov at gmail.com> wrote:
>
>>
>>
>> 04.12.15 12:59, vivek singh пишет:
>>
>> Thanks a lot for you responses.
>> I will update after doing more analysis.
>>
>> *@Amos Jeffries :*
>> Q . How does the IP correlate to the tv_ip, sysadmin_ip,
>> workstation_ip ACLs above?
>> A. these are separate text files in the same directory, containing ip
>> lists.
>> Q. Any difference with how those machines are configured to use the proxy
>> A. all the machines are in the same domain and network.
>> Q. what version of squid-3.5.x is being used
>> A. Squid 3.5.0.2 on Redhat Linux , packaged rpm is used.
>> Q. His squid.conf does not contain anything that obviously restricts
>> that.So I am suspecting the problems some old-ish browsers and OS have with
>> POST messages and Expect headers
>> A. On the same machine if i change it to use another windows proxy
>> server, it works fine.
>>
>> *@ Eliezer Croitoru*
>> Q. slow uploads but in 3.5.X which I am almost sure was not fixed yet
>> A. while on other machines it is working fine.
>>
>> *@Yuri Voinov*
>> Q. I suggest the problem just required to allow POST method from LAN
>> and/or to mail servers. Often this can help
>> A. Do i explicitly need to do so, if yes please tell me how.
>>
>> Example:
>>
>> # Adjust network as you need
>> acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
>> acl POST method POST
>> # Allow POST for localnet
>> http_access allow POST localnet
>>
>>
>>
>>
>> *Thanks and Regards Vivek Kumar Singh *
>>
>>
>> On Thu, Dec 3, 2015 at 10:01 PM, Eliezer Croitoru <
>> <eliezer at ngtech.co.il>eliezer at ngtech.co.il> wrote:
>>
>>> Or it could be the slow uploads but in 3.5.X which I am almost sure was
>>> not fixed yet.
>>>
>>> Eliezer
>>>
>>>
>>> On 03/12/2015 12:24, Amos Jeffries wrote:
>>>
>>>> His squid.conf does not contain anything that obviously restricts that.
>>>> So I am suspecting the problems some old-ish browsers and OS have with
>>>> POST messages and Expect headers.
>>>>
>>>> Or that some of the machines have been configured in a way that only
>>>> partially configures the applictinos on it, leaving some occasionally to
>>>> not even find the proxy.
>>>>
>>>> Amos
>>>>
>>>
>>> _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> http://lists.squid-cache.org/listinfo/squid-users
>>>
>>
>>
>>
>> _______________________________________________
>> squid-users mailing listsquid-users at lists.squid-cache.orghttp://lists.squid-cache.org/listinfo/squid-users
>>
>>
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151204/5bac7e8d/attachment-0001.html>
More information about the squid-users
mailing list