<div dir="ltr">Hi all,<br><br>Thanks for the replies.<div><br>I have included the requested output from tcpdump below:</div><div><div><br></div><div> tcpdump -A -s 0 -ni enp4s0 "host 159.203.14.9 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&<br>0xf0)>>2)) != 0)"</div><div>tcpdump: verbose output suppressed, use -v[v]... for full protocol decode<br>listening on enp4s0, link-type EN10MB (Ethernet), snapshot length 262144 bytes</div><div><br>01:40:17.310479 IP 10.0.160.10.43426 > 159.203.14.9.1996: Flags [P.], seq 2955630477:2955630939, ack 2382737005, win 502, options [nop,nop,TS val 3000375654 ecr 1932743995], length 462<br>E....:@.?.7.<br>..<br>... .....+W....m....Y......<br>...fs3U;GET <a href="http://nintendo.com/">http://nintendo.com/</a> HTTP/1.1<br>User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0<br>Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8<br>Accept-Language: en-GB,en;q=0.5<br>Accept-Encoding: gzip, deflate<br>Upgrade-Insecure-Requests: 1<br>Host: <a href="http://nintendo.com">nintendo.com</a><br>Via: 1.1 dce3749b9671 (squid/5.6)<br>X-Forwarded-For: 10.0.130.210<br>Cache-Control: max-age=259200<br>Connection: keep-alive<br><br><br>01:40:18.957475 IP 159.203.14.9.1996 > 10.0.160.10.43426: Flags [P.], seq 1:1466, ack 462, win 114, options [nop,nop,TS val 1932744407 ecr 3000375654], length 1465<br>E....@@.3......<br>..<br>.......m.+Y[...r]......<br>s3V....fHTTP/1.1 200 OK<br>x-powered-by: Express<br>content-type: text/html; charset=iso-8859-1<br>transfer-encoding:<br>date: Wed, 26 Oct 2022 00:40:20 GMT<br>connection: close<br><br><!DOCTYPE html PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><br><!-- this automatically loads the hallway after 20 seconds --><br><meta http-equiv="refresh" content="20; url=<a href="http://nintendo.com//./hallway/index.html">http://nintendo.com//./hallway/index.html</a>"><br><title>Nintendo Power Source</title><br><br><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Oct 25, 2022 at 2:08 PM Alex Rousskov <<a href="mailto:rousskov@measurement-factory.com">rousskov@measurement-factory.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 10/23/22 20:36, Matthew H wrote:<br>
> Hi,<br>
> <br>
> I'm using Squid to proxy HTTP requests to another proxy. I can see squid <br>
> sending the request to the parent and getting a response, but it sends <br>
> the client that initiated the request a 502 Bad Gateway response.<br>
> <br>
> On closer inspection it appears the parent proxy is sending an <br>
> empty transfer-encoding header, and this is causing Squid to send a 502. <br>
<br>
Do you know whether the response body was using chunked (or any other <br>
non-identity) encoding? I have already added your case to the list of <br>
known rejected responses[1], but it would be good to update that with <br>
the information on the actual response encoding.<br>
<br>
[1] <a href="https://github.com/squid-cache/squid/pull/702#issuecomment-762459132" rel="noreferrer" target="_blank">https://github.com/squid-cache/squid/pull/702#issuecomment-762459132</a><br>
<br>
If the very first bytes of the response are "<html" or similar, then no <br>
encoding was probably applied. If you see what can be interpreted as a <br>
small hex number followed by a new line, then chunked encoding was <br>
probably applied (at least). If you cannot tell, or are not sure, feel <br>
free to share the response packet in libpcap format, captured with <br>
wireshark or "tcpdump -s0".<br>
<br>
<br>
Thank you,<br>
<br>
Alex.<br>
<br>
<br>
<br>
> 2022/10/24 00:23:59.106| ctx: enter level 0: '<a href="http://nintendo.com/" rel="noreferrer" target="_blank">http://nintendo.com/</a> <br>
> <<a href="http://nintendo.com/" rel="noreferrer" target="_blank">http://nintendo.com/</a>>'<br>
> 2022/10/24 00:23:59.106| 11,3| http.cc(666) processReplyHeader: <br>
> processReplyHeader: key '19010000000000000C00000000000000'<br>
> 2022/10/24 00:23:59.106| 11,2| http.cc(720) processReplyHeader: HTTP <br>
> Server conn294 local=<a href="http://172.25.0.3:57802" rel="noreferrer" target="_blank">172.25.0.3:57802</a> <br>
> <<a href="http://172.25.0.3:57802/" rel="noreferrer" target="_blank">http://172.25.0.3:57802/</a>> remote=<a href="http://159.203.14.9:1996" rel="noreferrer" target="_blank">159.203.14.9:1996</a> <br>
> <<a href="http://159.203.14.9:1996/" rel="noreferrer" target="_blank">http://159.203.14.9:1996/</a>> FIRSTUP_PARENT FD 26 flags=1<br>
> 2022/10/24 00:23:59.106| 11,2| http.cc(721) processReplyHeader: HTTP <br>
> Server RESPONSE:<br>
> ---------<br>
> HTTP/1.1 200 OK<br>
> x-powered-by: Express<br>
> content-type: text/html; charset=iso-8859-1<br>
> transfer-encoding:<br>
> date: Mon, 24 Oct 2022 00:23:57 GMT<br>
> connection: close<br>
> <br>
> ----------<br>
> 2022/10/24 00:23:59.106| 55,3| HttpHeader.cc(882) getList: empty list <br>
> header: Transfer-Encoding(Transfer-Encoding[63])<br>
> 2022/10/24 00:23:59.106| 55,2| HttpHeader.cc(559) parse: WARNING: <br>
> unsupported Transfer-Encoding used by client:<br>
> 2022/10/24 00:23:59.106| ctx: exit level 0<br>
> 2022/10/24 00:23:59.106| 20,3| store.cc(1673) reset: <br>
> <a href="http://nintendo.com/" rel="noreferrer" target="_blank">http://nintendo.com/</a> <<a href="http://nintendo.com/" rel="noreferrer" target="_blank">http://nintendo.com/</a>><br>
> 2022/10/24 00:23:59.107| 17,3| FwdState.cc(492) fail: ERR_INVALID_RESP <br>
> "Bad Gateway"<br>
> <a href="http://nintendo.com/" rel="noreferrer" target="_blank">http://nintendo.com/</a> <<a href="http://nintendo.com/" rel="noreferrer" target="_blank">http://nintendo.com/</a>><br>
> 2022/10/24 00:23:59.107| 17,3| FwdState.cc(533) unregister: <br>
> <a href="http://nintendo.com/" rel="noreferrer" target="_blank">http://nintendo.com/</a> <<a href="http://nintendo.com/" rel="noreferrer" target="_blank">http://nintendo.com/</a>><br>
> <br>
> _______________________________________________<br>
> squid-users mailing list<br>
> <a href="mailto:squid-users@lists.squid-cache.org" target="_blank">squid-users@lists.squid-cache.org</a><br>
> <a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><br>
<br>
_______________________________________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org" target="_blank">squid-users@lists.squid-cache.org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><br>
</blockquote></div>