<div dir="ltr"><div>Hi Eliezer,</div><div><br></div><div>We have:</div><div><br></div><div>/etc/apt/apt.conf:</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>Acquire::http::proxy "<a href="http://vpn-proxy-d68aca8a8f7f81d6.elb.ap-southeast-2.amazonaws.com:3128/">http://vpn-proxy-d68aca8a8f7f81d6.elb.ap-southeast-2.amazonaws.com:3128/</a>";<br>Acquire::https::proxy "<a href="http://vpn-proxy-d68aca8a8f7f81d6.elb.ap-southeast-2.amazonaws.com:3128/">http://vpn-proxy-d68aca8a8f7f81d6.elb.ap-southeast-2.amazonaws.com:3128/</a>";<br></div></blockquote><div><br></div><div>/etc/apt/sources.list (comment lines removed for brevity)<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>deb <a href="https://mirror.aarnet.edu.au/ubuntu/">https://mirror.aarnet.edu.au/ubuntu/</a> focal main restricted<br>deb <a href="https://mirror.aarnet.edu.au/ubuntu/">https://mirror.aarnet.edu.au/ubuntu/</a> focal-updates main restricted<br>deb <a href="https://mirror.aarnet.edu.au/ubuntu/">https://mirror.aarnet.edu.au/ubuntu/</a> focal-updates universe<br>deb <a href="https://mirror.aarnet.edu.au/ubuntu/">https://mirror.aarnet.edu.au/ubuntu/</a> focal multiverse<br>deb <a href="https://mirror.aarnet.edu.au/ubuntu/">https://mirror.aarnet.edu.au/ubuntu/</a> focal-updates multiverse<br>deb <a href="https://mirror.aarnet.edu.au/ubuntu/">https://mirror.aarnet.edu.au/ubuntu/</a> focal-backports main restricted universe multiverse<br>deb <a href="https://mirror.aarnet.edu.au/ubuntu">https://mirror.aarnet.edu.au/ubuntu</a> focal-security main restricted<br>deb <a href="https://mirror.aarnet.edu.au/ubuntu">https://mirror.aarnet.edu.au/ubuntu</a> focal-security universe<br>deb <a href="https://mirror.aarnet.edu.au/ubuntu">https://mirror.aarnet.edu.au/ubuntu</a> focal-security multiverse</div></blockquote><div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><br></div><div>squid.conf</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div style="color:rgb(212,212,212);background-color:rgb(30,30,30);font-family:"Droid Sans Mono","monospace",monospace,"Droid Sans Fallback";font-weight:normal;font-size:14px;line-height:19px;white-space:pre"><div><span style="color:rgb(106,153,85)"># Debugging for your ACLs</span></div><div><span style="color:rgb(212,212,212)">debug_options ALL,1</span></div><br><div><span style="color:rgb(106,153,85)"># temp option for full debug logs</span></div><div><span style="color:rgb(106,153,85)">#debug_options 28,2</span></div><br><div><span style="color:rgb(106,153,85)"># Example rule allowing access from your local networks.</span></div><div><span style="color:rgb(106,153,85)"># Adapt to list your (internal) IP networks from where browsing</span></div><div><span style="color:rgb(106,153,85)"># should be allowed</span></div><div><span style="color:rgb(212,212,212)">acl vpc_cidr src <a href="http://10.0.0.0/16">10.0.0.0/16</a> </span><span style="color:rgb(106,153,85)"># VPC CIDR</span></div><div><span style="color:rgb(212,212,212)">acl vpc_cidr src 127.0.0.1</span></div><br><div><span style="color:rgb(106,153,85)"># technician VPN source cidr</span></div><div><span style="color:rgb(212,212,212)">acl technician_vpn src <a href="http://10.0.104.0/22">10.0.104.0/22</a></span></div><br><br><div><span style="color:rgb(212,212,212)">acl SSL_ports port 443</span></div><div><span style="color:rgb(212,212,212)">acl Safe_ports port 80      </span><span style="color:rgb(106,153,85)"># http</span></div><div><span style="color:rgb(106,153,85)">#acl Safe_ports port 21     # ftp</span></div><div><span style="color:rgb(212,212,212)">acl Safe_ports port 443     </span><span style="color:rgb(106,153,85)"># https</span></div><div><span style="color:rgb(106,153,85)">#acl Safe_ports port 70     # gopher</span></div><div><span style="color:rgb(106,153,85)">#acl Safe_ports port 210        # wais</span></div><div><span style="color:rgb(212,212,212)">acl Safe_ports port 1025-65535  </span><span style="color:rgb(106,153,85)"># unregistered ports</span></div><div><span style="color:rgb(106,153,85)">#acl Safe_ports port 280        # http-mgmt</span></div><div><span style="color:rgb(106,153,85)">#acl Safe_ports port 488        # gss-http</span></div><div><span style="color:rgb(106,153,85)">#acl Safe_ports port 591        # filemaker</span></div><div><span style="color:rgb(106,153,85)">#acl Safe_ports port 777        # multiling http</span></div><div><span style="color:rgb(212,212,212)">acl CONNECT method CONNECT</span></div><br><div><span style="color:rgb(106,153,85)">#</span></div><div><span style="color:rgb(106,153,85)"># Recommended minimum Access Permission configuration:</span></div><div><span style="color:rgb(106,153,85)">#</span></div><div><span style="color:rgb(106,153,85)"># Deny requests to certain unsafe ports</span></div><div><span style="color:rgb(212,212,212)">http_access deny !Safe_ports</span></div><br><div><span style="color:rgb(106,153,85)"># Deny CONNECT to other than secure SSL ports</span></div><div><span style="color:rgb(212,212,212)">http_access deny CONNECT !SSL_ports</span></div><br><div><span style="color:rgb(106,153,85)"># Only allow cachemgr access from localhost</span></div><div><span style="color:rgb(212,212,212)">http_access allow localhost manager</span></div><div><span style="color:rgb(212,212,212)">http_access deny manager</span></div><br><div><span style="color:rgb(106,153,85)"># We strongly recommend the following be uncommented to protect innocent</span></div><div><span style="color:rgb(106,153,85)"># web applications running on the proxy server who think the only</span></div><div><span style="color:rgb(106,153,85)"># one who can access services on "localhost" is a local user</span></div><div><span style="color:rgb(106,153,85)">#http_access deny to_localhost</span></div><br><div><span style="color:rgb(106,153,85)">#</span></div><div><span style="color:rgb(106,153,85)"># INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS</span></div><div><span style="color:rgb(106,153,85)">#</span></div><br><div><span style="color:rgb(106,153,85)"># Redirect HTTP to HTTPS</span></div><div><span style="color:rgb(212,212,212)">acl port_80 port 80</span></div><div><span style="color:rgb(212,212,212)">acl gstatic dstdomain <a href="http://www.gstatic.com">www.gstatic.com</a></span></div><div><span style="color:rgb(212,212,212)">http_access deny port_80 gstatic</span></div><div><span style="color:rgb(212,212,212)">deny_info 301:https://%H%R gstatic</span></div><br><div><span style="color:rgb(212,212,212)">acl avpc dstdomain crop-assessment.acusensus-vpc</span></div><div><span style="color:rgb(212,212,212)">http_access deny port_80 avpc</span></div><div><span style="color:rgb(212,212,212)">deny_info 302:<company url> avpc</span></div><br><br><div><span style="color:rgb(106,153,85)"># Deny HTTP</span></div><div><span style="color:rgb(212,212,212)">http_access deny port_80</span></div><br><div><span style="color:rgb(106,153,85)"># Whitelist of allowed sites</span></div><div><span style="color:rgb(212,212,212)">acl allowed_http_sites dstdomain </span><span style="color:rgb(206,145,120)">"/etc/squid/squid.allowed.sites.txt"</span></div><div><span style="color:rgb(212,212,212)">http_access allow allowed_http_sites vpc_cidr</span></div><br><div><span style="color:rgb(106,153,85)"># And finally deny all other access to this proxy</span></div><div><span style="color:rgb(212,212,212)">http_access deny all</span></div><br><div><span style="color:rgb(106,153,85)"># Squid normally listens to port 3128</span></div><div><span style="color:rgb(212,212,212)">http_port 3128 ssl-bump </span><span style="color:rgb(86,156,214)">cert</span><span style="color:rgb(212,212,212)">=/etc/squid/cert.pem</span></div><div><span style="color:rgb(212,212,212)">acl allowed_https_sites ssl::server_name </span><span style="color:rgb(206,145,120)">"/etc/squid/squid.allowed.sites.txt"</span></div><div><span style="color:rgb(212,212,212)">acl step1 at_step SslBump1</span></div><div><span style="color:rgb(212,212,212)">acl step2 at_step SslBump2</span></div><div><span style="color:rgb(212,212,212)">acl step3 at_step SslBump3</span></div><div><span style="color:rgb(212,212,212)">ssl_bump peek step1 all</span></div><div><span style="color:rgb(212,212,212)">ssl_bump peek step2 allowed_https_sites</span></div><div><span style="color:rgb(212,212,212)">ssl_bump splice step3 allowed_https_sites</span></div><div><span style="color:rgb(212,212,212)">ssl_bump terminate step2 all</span></div><br><div><span style="color:rgb(106,153,85)"># Uncomment and adjust the following to add a disk cache directory.</span></div><div><span style="color:rgb(106,153,85)">#cache_dir ufs /var/spool/squid 100 16 256</span></div><br><div><span style="color:rgb(106,153,85)"># Leave coredumps in the first cache dir</span></div><div><span style="color:rgb(212,212,212)">coredump_dir /var/spool/squid</span></div><div><span style="color:rgb(106,153,85)">#</span></div><div><span style="color:rgb(106,153,85)"># Add any of your own refresh_pattern entries above these.</span></div><div><span style="color:rgb(106,153,85)">#</span></div><div><span style="color:rgb(212,212,212)">refresh_pattern ^ftp:       1440    20% 10080</span></div><div><span style="color:rgb(212,212,212)">refresh_pattern ^gopher:    1440    0%  1440</span></div><div><span style="color:rgb(212,212,212)">refresh_pattern -i (/cgi-bin/|\?) 0 0%  0</span></div><div><span style="color:rgb(212,212,212)">refresh_pattern .       0   20% 4320</span></div><br><br></div></div></blockquote><div><br></div><div>Squid 3.5 is running on an EC2 instance running Amazon Linux 2. I'll answer the questions you asked Ben for extra info.</div><div>ip address:</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000<br>    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00<br>    inet <a href="http://127.0.0.1/8">127.0.0.1/8</a> scope host lo<br>       valid_lft forever preferred_lft forever<br>    inet6 ::1/128 scope host <br>       valid_lft forever preferred_lft forever<br>2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP group default qlen 1000<br>    link/ether 02:1b:15:b8:9a:06 brd ff:ff:ff:ff:ff:ff<br>    inet <a href="http://10.0.12.111/24">10.0.12.111/24</a> brd 10.0.12.255 scope global dynamic eth0<br>       valid_lft 2393sec preferred_lft 2393sec<br>    inet6 fe80::1b:15ff:feb8:9a06/64 scope link <br>       valid_lft forever preferred_lft forever<br></div></blockquote><div><br></div><div>ip rule</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>0:  from all lookup local <br>32766:  from all lookup main <br>32767:   from all lookup default </div></blockquote><div><br></div><div>ip route show</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>default via 10.0.12.1 dev eth0 <br><a href="http://10.0.12.0/24">10.0.12.0/24</a> dev eth0 proto kernel scope link src 10.0.12.111 <br>169.254.169.254 dev eth0 <br></div></blockquote><div><br></div><div>ip route show table 100</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><br></div></blockquote><div><br></div><div>iptables-save</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><br></div></blockquote><div><br></div><div>squid -v<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Squid Cache: Version 3.5.20<br>Service Name: squid<br>configure options:  '--build=x86_64-koji-linux-gnu' '--host=x86_64-koji-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-strict-error-checking' '--exec_prefix=/usr' '--libexecdir=/usr/lib64/squid' '--localstatedir=/var' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--with-logdir=$(localstatedir)/log/squid' '--with-pidfile=$(localstatedir)/run/squid.pid' '--disable-dependency-tracking' '--enable-eui' '--enable-follow-x-forwarded-for' '--enable-auth' '--enable-auth-basic=DB,LDAP,MSNT-multi-domain,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB,SMB_LM,getpwnam' '--enable-auth-ntlm=smb_lm,fake' '--enable-auth-digest=file,LDAP,eDirectory' '--enable-auth-negotiate=kerberos' '--enable-external-acl-helpers=file_userip,LDAP_group,time_quota,session,unix_group,wbinfo_group,kerberos_ldap_group' '--enable-cache-digests' '--enable-cachemgr-hostname=localhost' '--enable-delay-pools' '--enable-epoll' '--enable-ident-lookups' '--enable-linux-netfilter' '--enable-removal-policies=heap,lru' '--enable-snmp' '--enable-ssl-crtd' '--enable-storeio=aufs,diskd,rock,ufs' '--enable-wccpv2' '--enable-esi' '--enable-ecap' '--with-aio' '--with-default-user=squid' '--with-dl' '--with-openssl' '--with-pthreads' '--disable-arch-native' 'build_alias=x86_64-koji-linux-gnu' 'host_alias=x86_64-koji-linux-gnu' 'CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches    -m64 -mtune=generic -fpie' 'LDFLAGS=-Wl,-z,relro  -pie -Wl,-z,relro -Wl,-z,now' 'CXXFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches    -m64 -mtune=generic -fpie' 'PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig'<br></blockquote></div><div><br></div><div>uname -a<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Linux ip-10-0-12-111.ap-southeast-2.compute.internal 4.14.231-173.361.amzn2.x86_64 #1 SMP Mon Apr 26 20:57:08 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux<br></blockquote></div><div><br></div><div>Regards,</div><div><br></div><div><div dir="ltr" style="margin-left:0pt" align="left"><table style="border:none;border-collapse:collapse"><colgroup><col width="181"><col width="229"></colgroup><tbody><tr style="height:0pt"><td style="border-left:solid #ffffff 1pt;border-right:solid #4a86e8 1pt;border-bottom:solid #ffffff 1pt;border-top:solid #ffffff 1pt;vertical-align:top;padding:5pt 5pt 5pt 5pt;overflow:hidden"><p dir="ltr" style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:167px;height:130px"><img src="https://lh4.googleusercontent.com/PjzOtuo8wRwonOYtyjVEsTHphPFdwgM8H79UkQ5H--uLWS_Wje0pIvRFGgiiaYF8CohhfacA5LpIBIck7fEou91YR_e95GyEd53ubLzjKbgTVaqvhdESRKKiWZqDxUYAmOApJr47" style="margin-left:0px;margin-top:0px" width="167" height="130"></span></span></p></td><td style="border-left:solid #4a86e8 1pt;border-right:solid #ffffff 1pt;border-bottom:solid #ffffff 1pt;border-top:solid #ffffff 1pt;vertical-align:top;padding:5pt 5pt 5pt 5pt;overflow:hidden"><p dir="ltr" style="line-height:1.728;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11.5pt;font-family:Arial;color:#2e80b5;background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap">David Mills</span></p><p dir="ltr" style="line-height:1.728;margin-top:0pt;margin-bottom:0pt"><span style="font-size:9pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap">Senior DevOps Engineer</span></p><br><p dir="ltr" style="line-height:1.44;margin-right:5pt;margin-top:0pt;margin-bottom:5pt"><span style="font-size:9pt;font-family:Arial;color:#3388cc;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap"> </span><span style="font-size:9pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap">E: </span><span style="font-size:9pt;font-family:Arial;color:#2e80b5;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap"><a href="mailto:david.mills@acusensus.com" target="_blank">david.mills@acusensus.com</a></span></p><p dir="ltr" style="line-height:1.44;margin-right:5pt;margin-top:0pt;margin-bottom:5pt"><span style="font-size:9pt;font-family:Arial;color:#3388cc;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap"> </span><span style="font-size:9pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap">M:</span><span style="font-size:9pt;font-family:Arial;color:#3388cc;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap"> </span><span style="font-size:9pt;font-family:Arial;color:#2e80b5;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap">+61 411 513 404</span></p><p dir="ltr" style="line-height:1.44;margin-top:0pt;margin-bottom:0pt"><span style="font-size:9pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap"> W:</span><a href="http://acusensus.com/" style="text-decoration:none" target="_blank"><span style="font-size:9pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:underline;vertical-align:baseline;white-space:pre;white-space:pre-wrap"> </span><span style="font-size:9pt;font-family:Arial;color:#1155cc;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:underline;vertical-align:baseline;white-space:pre;white-space:pre-wrap">acusensus.com</span></a></p><br></td></tr></tbody></table></div><br><br></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, 7 Jul 2021 at 20:53, Eliezer Croitoru <<a href="mailto:ngtech1ltd@gmail.com">ngtech1ltd@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hey David,<br>
<br>
Just wondering if you have seen the apt related docs at:<br>
<a href="https://help.ubuntu.com/community/AptGet/Howto/#Setting_up_apt-get_to_use_a_http-proxy" rel="noreferrer" target="_blank">https://help.ubuntu.com/community/AptGet/Howto/#Setting_up_apt-get_to_use_a_http-proxy</a><br>
<br>
Eliezer<br>
<br>
From: squid-users <<a href="mailto:squid-users-bounces@lists.squid-cache.org" target="_blank">squid-users-bounces@lists.squid-cache.org</a>> On Behalf Of David Mills<br>
Sent: Wednesday, July 7, 2021 2:26 AM<br>
To: <a href="mailto:squid-users@lists.squid-cache.org" target="_blank">squid-users@lists.squid-cache.org</a><br>
Subject: [squid-users] Ubuntu 20.04 "apt update" issues behind a VPN and Squid proxy<br>
<br>
Hi,<br>
<br>
We've got a collection of Ubuntu 18.04 boxes out in the field. They connect to an AWS OpenVPN VPN and use a Squid 3.5 AWS hosted Proxy. They work fine.<br>
<br>
We have tried upgrading one to 20.04. Same setup. From the command line curl or wget can happily download an Ubuntu package from the Ubuntu Mirror site we use. But "apt update" gets lots of "IGN:" timeouts and errors.<br>
<br>
The package we test curl with is <a href="https://mirror.aarnet.edu.au/ubuntu/pool/main/c/curl/curl_7.68.0-1ubuntu2.5_amd64.deb" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu/pool/main/c/curl/curl_7.68.0-1ubuntu2.5_amd64.deb</a><br>
<br>
The Squid log shows a line the doesn't occur for the successful 18.04 "apt updates":<br>
1625190959.233     81 10.0.11.191 TAG_NONE/200 0 CONNECT <a href="http://mirror.aarnet.edu.au:443" rel="noreferrer" target="_blank">http://mirror.aarnet.edu.au:443</a> - HIER_DIRECT/2001:388:30bc:cafe::beef -<br>
<br>
The full output of an attempt to update is:<br>
Ign:1 <a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal InRelease                                              <br>
Ign:2 <a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal-updates InRelease                                      <br>
Ign:3 <a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal-backports InRelease                                    <br>
Ign:4 <a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal-security InRelease                                     <br>
Err:5 <a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal Release                                                <br>
  Could not wait for server fd - select (11: Resource temporarily unavailable) [IP: 10.0.11.82 3128]<br>
Err:6 <a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal-updates Release                                        <br>
  Could not wait for server fd - select (11: Resource temporarily unavailable) [IP: 10.0.11.82 3128]<br>
Err:7 <a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal-backports Release                                      <br>
  Could not wait for server fd - select (11: Resource temporarily unavailable) [IP: 10.0.11.82 3128]<br>
Err:8 <a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal-security Release                                       <br>
  Could not wait for server fd - select (11: Resource temporarily unavailable) [IP: 10.0.1.26 3128]<br>
Reading package lists... Done                                                                          <br>
N: Ignoring file 'microsoft-prod.list-keep' in directory '/etc/apt/sources.list.d/' as it has an invalid filename extension<br>
E: The repository '<a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal Release' does not have a Release file.<br>
N: Updating from such a repository can't be done securely, and is therefore disabled by default.<br>
N: See apt-secure(8) manpage for repository creation and user configuration details.<br>
E: The repository '<a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal-updates Release' does not have a Release file.<br>
N: Updating from such a repository can't be done securely, and is therefore disabled by default.<br>
N: See apt-secure(8) manpage for repository creation and user configuration details.<br>
E: The repository '<a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal-backports Release' does not have a Release file.<br>
N: Updating from such a repository can't be done securely, and is therefore disabled by default.<br>
N: See apt-secure(8) manpage for repository creation and user configuration details.<br>
E: The repository '<a href="https://mirror.aarnet.edu.au/ubuntu" rel="noreferrer" target="_blank">https://mirror.aarnet.edu.au/ubuntu</a> focal-security Release' does not have a Release file.<br>
N: Updating from such a repository can't be done securely, and is therefore disabled by default.<br>
N: See apt-secure(8) manpage for repository creation and user configuration details.<br>
<br>
While running, the line<br>
0% [Connecting to HTTP proxy (<a href="http://vpn-proxy-d68aca8a8f7f81d6.elb.ap-southeast-2.amazonaws.com:3128" rel="noreferrer" target="_blank">http://vpn-proxy-d68aca8a8f7f81d6.elb.ap-southeast-2.amazonaws.com:3128</a>)]<br>
appears often and hang for a while.<br>
<br>
I've tried upping the squid logging and allowing all, but they didn't offer any additional information about the issue.<br>
<br>
Any advice would be greatly appreciated.<br>
<br>
Regards,<br>
<br>
<br>
David Mills<br>
Senior DevOps Engineer<br>
<br>
 E: mailto:<a href="mailto:david.mills@acusensus.com" target="_blank">david.mills@acusensus.com</a><br>
 M: +61 411 513 404<br>
 W:<a href="http://acusensus.com/" rel="noreferrer" target="_blank">http://acusensus.com/</a><br>
<br>
<br>
<br>
DISCLAIMER: Acusensus puts the privacy and security of its clients, its data and information at the core of everything we do. The information contained in this email (including attachments) is intended only for the use of the person(s) to whom it is addressed to, as it may be confidential and contain legally privileged information. If you have received this email in error, please delete all copies and notify the sender immediately. Any views or opinions presented are solely those of the author and do not necessarily represent the views of Acusensus Pty Ltd. Please consider the environment before printing this email.<br>
<br>
</blockquote></div>

<br>
<font size="2">DISCLAIMER: Acusensus puts the privacy and security of its clients, its data and information at the core of everything we do. The information contained in this email (including attachments) is intended only for the use of the person(s) to whom it is addressed to, as it may be confidential and contain legally privileged information. If you have received this email in error, please delete all copies and notify the sender immediately. Any views or opinions presented are
solely those of the author and do not necessarily represent the views of Acusensus
Pty Ltd. Please consider the environment
before printing this email.</font>