[squid-users] Blocked DNS request from IDS causes Squid to not work
Amos Jeffries
squid3 at treenet.co.nz
Thu Jul 16 00:26:50 UTC 2015
On 16/07/2015 9:57 a.m., markme wrote:
> I've been running Squid 3.3.8 on CentOS 7 for a few months now and every now
> and then I will get a "Suspicious .pw DNS query" alert from my IDS which was
> caused by Squid and it will be blocked. When this happens most clients start
> to get a 503 error or NONE_ABORTED/000 in the access log and they can't
> access the internet. To fix it I have just been issuing a reconfigure on
> Squid and that seems to fix the problem until it happens again. Just that
> one particular DNS query to our local DNS server gets blocked but everything
> else goes through. Any ideas on what might be making Squid require a
> reconfigure to start working again? Thanks!
Assertions and other detectable errors are logged in your cache.log.
Segmentation faults should be logged in your syslog (or OS messages log).
PS. please upgrade <http://wiki.squid-cache.org/KnowledgeBase/CentOS>
Amos
More information about the squid-users
mailing list