[squid-users] failing https requests
adamw at matrixscience.com
Mon Apr 27 14:03:24 UTC 2020
Thanks Amos for the hint.
Tcpdump in source reveals the following:
HTTP/1.1 400 Bad Request
Date: Mon, 27 Apr 2020 13:34:47 GMT
X-Squid-Error: ERR_INVALID_REQ 0
X-Cache: MISS from PROXY
X-Cache-Lookup: NONE from PROXY:3128
Via: 1.1 PROXY (squid/3.5.27)
It also produces:
Some possible problems are:
- Missing or unknown request method.
- Missing URL.
- Missing HTTP Identifier (HTTP/1.0).
- Request is too large.
- Content-Length missing for POST or PUT requests.
- Illegal character in hostname; underscores are not allowed.
- HTTP/1.1 feature is being asked from an HTTP/1.0 software.
Can I determine which of the above is actually causing failures?
Increasing debug level to 9 in squid config hasn't resulted in any more
info being logged :(
On 24/04/2020 16:57, Amos Jeffries wrote:
> On 25/04/20 3:46 am, Adam Weremczuk wrote:
>> Hi all,
>> I run squid-3.5.27_3 on pfSense 2.4.4 as well as in house Sugar CRM server.
>> Recently Sugar license validation and updates checks made to
>> https://updates.sugarcrm.com/heartbeat/soap.php started failing (no
>> changes made at our end).
>> In squid logs requests only produce 2 lines:
>> 1587737506.670 0 192.168.5.30 TAG_NONE/400 4360 NONE
>> error:invalid-request - HIER_NONE/- text/html
>> 1587737506.978 301 192.168.5.30 TCP_MISS/301 464 POST
>> http://updates.sugarcrm.com/heartbeat/soap.php -
>> HIER_DIRECT/184.108.40.206 text/html
>> It looks like client error followed by a redirection to http.
>> Direct requests (no web proxy) as well as telnet, wget and curl work fine.
>> Could somebody explain what exactly the errors mean and why the requests
> It means the client delivered some bytes which do not in any way conform
> to HTTP request syntax. Not even similar.
> The best thing to do is to get a full-packet capture and investigate
> with wireshark what is going on.
> squid-users mailing list
> squid-users at lists.squid-cache.org
More information about the squid-users