[squid-users] Squid 5.2 TCP_MISS_ABORTED/100 erros when uploading
David Ferreira
davidtiagoff at gmail.com
Mon Aug 29 13:31:03 UTC 2022
Hi Amos,
Thank you for the reply,
here's my squid.conf, by default our client's(localnet) do not have
internet access and only match windows services acl's unless they are in
authorizednet.conf, in this case that's the only match acl for the clients
using this application, i also removed some of the includes i have, it's
mostly random src to random dstdomain, the clients in question do not match
this acl's at all.
---
squid 4.15 squid.conf:
---
logformat timereadable %tl %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log daemon:/var/log/squid/access.log timereadable
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged)
machines
include /etc/squid/acls/authorizednet.conf
acl SSL_ports port 443
acl SSL_ports port 8080
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl FTP_ports port 21 1025-65535
acl CONNECT method CONNECT
###BlockLists
include /etc/squid/acls/blocklists-remotes.conf
###Microsoft ATP
include /etc/squid/acls/atp.conf
###Windows Activation
include /etc/squid/acls/wactivate.conf
###No Windows Update
include /etc/squid/acls/nowupdate.conf
###Windows Update
include /etc/squid/acls/wupdate.conf
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow authorizednet
http_access allow localhost
http_access deny all
http_port 3128
cache_dir ufs /var/spool/squid 50000 16 256
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
max_filedesc 65535
maximum_object_size 10000 MB
range_offset_limit 10000 MB windowsupdate
quick_abort_min -1
refresh_pattern -i
microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200
reload-into-ims
refresh_pattern -i
windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80%
43200 reload-into-ims
refresh_pattern -i
windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200
reload-into-ims
---
And here's squid 5.2 squid.conf, it's pretty much the same:
---
logformat timereadable %tl %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log daemon:/var/log/squid/access.log timereadable
debug_options ALL,1 33,2 28,9
acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8 # RFC 1918 local private network
(LAN)
acl localnet src 100.64.0.0/10 # RFC 6598 shared address space
(CGN)
acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly
plugged) machines
acl localnet src 172.16.0.0/12 # RFC 1918 local private network
(LAN)
acl localnet src 192.168.0.0/16 # RFC 1918 local private network
(LAN)
acl localnet src fc00::/7 # RFC 4193 local private network
range
acl localnet src fe80::/10 # RFC 4291 link-local (directly
plugged) machines
include /etc/squid/acls/authorizednet.conf
acl SSL_ports port 443
acl SSL_ports port 8080
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl FTP_ports port 21 1025-65535
###BlockLists
include /etc/squid/acls/blocklists-remotes.conf
###Microsoft ATP
include /etc/squid/acls/atp.conf
###Windows Activation
include /etc/squid/acls/wactivate.conf
###No Windows Update
include /etc/squid/acls/nowupdate.conf
###Windows Update
include /etc/squid/acls/wupdate.conf
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow authorizednet
http_access allow localhost
http_access deny all
http_port 3128
cache_dir ufs /var/spool/squid 50000 16 256
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
maximum_object_size 10000 MB
range_offset_limit 10000 MB windowsupdate
quick_abort_min -1
refresh_pattern -i
microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200
reload-into-ims
refresh_pattern -i
windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80%
43200 reload-into-ims
refresh_pattern -i
windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200
reload-into-ims
As for squid rocky linux packages information, here is the links:
Rocky 8 :
https://almalinux.pkgs.org/8/almalinux-appstream-x86_64/squid-4.15-3.module_el8.6.0+3010+383bc947.1.x86_64.rpm.html
Rocky 9 :
https://almalinux.pkgs.org/9/almalinux-appstream-x86_64/squid-5.2-1.el9_0.1.x86_64.rpm.html
Thank you!
On Mon, 29 Aug 2022 at 13:36, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> On 29/08/22 22:17, David Ferreira wrote:
> > hi,
> >
> > First time using mailing lists, sorry about anything.
> >
>
> Welcome, and thanks for using Squid.
>
> Do not worry about mistakes. Helping with that type of thing is what
> this list is here for whether expert or beginner.
>
>
>
> >
> > Squid 4.15:
> > 26/Aug/2022:15:36:08 +0100 273 172.19.222.132TCP_MISS/200 745 POST
> > http://websiteurl/index.php <http://websiteurl/index.php> -
> > HIER_DIRECT/websitedomain text/xml
> >
> > Squid 5.2:
> > 25/Aug/2022:15:10:00 +0100 139 172.19.222.132 TCP_MISS_ABORTED/100 0
> > POST http://websiteurl <http://websiteurl>/index.php -
> > HIER_DIRECT/websitedomain -
> >
> > anyone has an ideia of what may be happening here?, been searching about
> > http errors 100 and so far i did not find anything that points me to the
> > problem.
> >
> > On the application side the error it shows when it tries to upload is:
> > "
> > Error storing the document on the server
> > Detail HTTP error 100
> > Send failure: Connection was aborted (55)
> > "
> >
>
> This is very odd.
>
> * The "ABORTED" tag hints strongly that the client closed the
> connection here.
>
>
> * Status code "100 Continue" is a normal part of HTTP/1.1.
>
> There is something wrong with the client application to be reporting
> that as an error code at all. Likely that bug is what triggered the abort.
>
> * The difference in result between Squid v4 and v5 is also extremely
> odd. I do not think handling of status 100 had any significant changes
> since the Squid-3 days.
>
>
> Can you show us your config for both versions?
> Omit lines that are commented out to reduce the sizes.
> Take care to obscure private details while keeping it clear that
> detail A and B are different (eg don't use same symbol X for replacing
> both).
>
>
> Also FME, where can I/we find details of the Rocky Squid packages?
>
>
> Cheers
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
--
Com os melhores cumprimentos,
David Ferreira
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20220829/c844365c/attachment-0001.htm>
More information about the squid-users
mailing list