[squid-users] TCP_TUNNEL/500 in squid logs in squid 5.9

sachin gupta sachin1.g at gmail.com
Fri May 26 12:22:50 UTC 2023 

Hi

I also added some prints in ClientHttpRequest::logRequest  to see if it is
getting 500 from response.

 398     if (const auto reply = findReply()) {

 399

 400         debugs(33, 8, "SACHIN clientLogRequest: status='" <<
reply->sline.status() << "'");

 401         debugs(33, 8, "SACHIN clientLogRequest: body='" <<
reply->body.content() << "'");

 402         al->http.code = reply->sline.status();

 403         al->http.content_type = reply->content_type.termedBuf();

 404     }

 405

 406     debugs(33, 9, "clientLogRequest: http.code='" << al->http.code <<
"'");



The lines inside if ( 400-401 ) did not get printed but 406 got printed
with status code as 500. I also collected cache.log with debug level as 5
but mailing list is not allowing me to send that in mail.


Any suggestion for this behavior


Regards

Sachin

On Thu, May 25, 2023 at 8:50 PM sachin gupta <sachin1.g at gmail.com> wrote:

> Hi All
>
> We are migrating for squid 4.15 to squid 5.9. We are running our existing
> test suite to check if we pass our sanity testing.
>
> For requests in transparent mode, though request passes and client get
> 200, in squid logs we are getting TCP_TUNNEL/500. We were not getting this
> issue with squid 4.15.
>
> *Client logs*
>
> curl -v https://origin/cache/0
>
> *   Trying 10.80.96.68:443...
>
> * TCP_NODELAY set
>
> * Connected to origin (10.80.96.68) port 443 (#0)
>
> * ALPN, offering h2
>
> * ALPN, offering http/1.1
>
> * Cipher selection:
> ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
>
> * successfully set certificate verify locations:
>
> *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
>
>   CApath: none
>
> * TLSv1.2 (OUT), TLS header, Certificate Status (22):
>
> * TLSv1.2 (OUT), TLS handshake, Client hello (1):
>
> * TLSv1.2 (IN), TLS handshake, Server hello (2):
>
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
>
> * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
>
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
>
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
>
> * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
>
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
>
> * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
>
> * TLSv1.2 (IN), TLS handshake, Finished (20):
>
> * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA
>
> * ALPN, server did not agree to a protocol
>
> * Server certificate:
>
> *  subject: C=US; ST=CA; L=SF; O=SFDC;
> OU=0:ns.tester;1:mvp;2:mist51;3:na44;4:dev1; CN=origin
>
> *  start date: Jul 26 06:59:41 2022 GMT
>
> *  expire date: Jul 26 06:59:41 2023 GMT
>
> *  subjectAltName: host "origin" matched cert's "origin"
>
> *  issuer: C=US; ST=CA; L=SF; O=SFDC; OU=Edge; CN=ca
>
> *  SSL certificate verify ok.
>
> > GET /cache/0 HTTP/1.1
>
> > Host: origin
>
> > User-Agent: curl/7.67.0
>
> > Accept: */*
>
> >
>
> * Mark bundle as not supporting multiuse
>
> < HTTP/1.1 200 OK
>
> < Server: origin
>
> < Date: Thu, 25 May 2023 15:08:57 GMT
>
> < Connection: close
>
> < Content-Type: application/json
>
> < Content-Length: 162
>
> < Cache-Control: public, max-age=0
>
> < Access-Control-Allow-Origin: *
>
> < Access-Control-Allow-Credentials: true
>
> <
>
>
> {"args":{},"headers":{"Accept":"*/*","Host":"origin","User-Agent":"curl/7.67.0","X-Origin-Server":"origin"},"origin":"10.80.96.3","url":"
> https://origin/cache/0"}
>
> * Closing connection 0
>
> * TLSv1.2 (OUT), TLS alert, close notify (256):
>
>
> Squid access logs
>
>
> [25/May/2023:15:08:57]      31 10.80.96.6:51028 - NONE_NONE/000 0 CONNECT
> 10.80.96.68:443 tester HIER_NONE/- - - tester 746573746572 dagobah [-] -
> [-] - [-] - 0 0 - - [origin]
>
> [25/May/2023:15:08:57]     40 10.80.96.6:51028 - *TCP_TUNNEL/500* 800
> CONNECT origin:443 tester HIER_DIRECT/origin 10.80.96.68 - tester
> 746573746572 dagobah [-] - [-] - [-] - 1969 2769 4 33 [origin]
>
>
> Can someone please help in this.
>
>
> Regards
>
> Sachin
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20230526/a875903b/attachment-0001.htm>

More information about the squid-users mailing list