<div dir="ltr">Hi<div><br></div><div>Further discussion happened on <a href="https://bugs.squid-cache.org/show_bug.cgi?id=5274">https://bugs.squid-cache.org/show_bug.cgi?id=5274</a> and has more details.<br></div><div><br></div><div>But yes, the issue is the same for a connection just from squid logs: how to know if a request has passed or failed.</div><div><br></div><div>Regards</div><div>Sachin</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Jun 12, 2023 at 1:51 PM <<a href="mailto:ngtech1ltd@gmail.com">ngtech1ltd@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hey Sachin,<br>
<br>
What's the issue?<br>
That the logs don't reflect the reality?<br>
<br>
Thanks,<br>
Eliezer<br>
<br>
<br>
From: squid-users <<a href="mailto:squid-users-bounces@lists.squid-cache.org" target="_blank">squid-users-bounces@lists.squid-cache.org</a>> On Behalf Of sachin gupta<br>
Sent: Thursday, May 25, 2023 18:21<br>
To: <a href="mailto:squid-users@lists.squid-cache.org" target="_blank">squid-users@lists.squid-cache.org</a><br>
Subject: [squid-users] TCP_TUNNEL/500 in squid logs in squid 5.9<br>
<br>
Hi All<br>
<br>
We are migrating for squid 4.15 to squid 5.9. We are running our existing test suite to check if we pass our sanity testing.<br>
<br>
For requests in transparent mode, though request passes and client get 200, in squid logs we are getting TCP_TUNNEL/500. We were not getting this issue with squid 4.15.<br>
<br>
Client logs<br>
<br>
curl -v <a href="https://origin/cache/0" rel="noreferrer" target="_blank">https://origin/cache/0</a><br>
* Trying 10.80.96.68:443...<br>
* TCP_NODELAY set<br>
* Connected to origin (10.80.96.68) port 443 (#0)<br>
* ALPN, offering h2<br>
* ALPN, offering http/1.1<br>
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH<br>
* successfully set certificate verify locations:<br>
* CAfile: /etc/pki/tls/certs/ca-bundle.crt<br>
CApath: none<br>
* TLSv1.2 (OUT), TLS header, Certificate Status (22):<br>
* TLSv1.2 (OUT), TLS handshake, Client hello (1):<br>
* TLSv1.2 (IN), TLS handshake, Server hello (2):<br>
* TLSv1.2 (IN), TLS handshake, Certificate (11):<br>
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):<br>
* TLSv1.2 (IN), TLS handshake, Server finished (14):<br>
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):<br>
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):<br>
* TLSv1.2 (OUT), TLS handshake, Finished (20):<br>
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):<br>
* TLSv1.2 (IN), TLS handshake, Finished (20):<br>
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA<br>
* ALPN, server did not agree to a protocol<br>
* Server certificate:<br>
* subject: C=US; ST=CA; L=SF; O=SFDC; OU=0:ns.tester;1:mvp;2:mist51;3:na44;4:dev1; CN=origin<br>
* start date: Jul 26 06:59:41 2022 GMT<br>
* expire date: Jul 26 06:59:41 2023 GMT<br>
* subjectAltName: host "origin" matched cert's "origin"<br>
* issuer: C=US; ST=CA; L=SF; O=SFDC; OU=Edge; CN=ca<br>
* SSL certificate verify ok.<br>
> GET /cache/0 HTTP/1.1<br>
> Host: origin<br>
> User-Agent: curl/7.67.0<br>
> Accept: */*<br>
> <br>
* Mark bundle as not supporting multiuse<br>
< HTTP/1.1 200 OK<br>
< Server: origin<br>
< Date: Thu, 25 May 2023 15:08:57 GMT<br>
< Connection: close<br>
< Content-Type: application/json<br>
< Content-Length: 162<br>
< Cache-Control: public, max-age=0<br>
< Access-Control-Allow-Origin: *<br>
< Access-Control-Allow-Credentials: true<br>
< <br>
{"args":{},"headers":{"Accept":"*/*","Host":"origin","User-Agent":"curl/7.67.0","X-Origin-Server":"origin"},"origin":"10.80.96.3","url":"<a href="https://origin/cache/0" rel="noreferrer" target="_blank">https://origin/cache/0</a>"}<br>
* Closing connection 0<br>
* TLSv1.2 (OUT), TLS alert, close notify (256):<br>
<br>
Squid access logs<br>
<br>
[25/May/2023:15:08:57] 31 <a href="http://10.80.96.6:51028" rel="noreferrer" target="_blank">http://10.80.96.6:51028</a> - NONE_NONE/000 0 CONNECT <a href="http://10.80.96.68:443" rel="noreferrer" target="_blank">http://10.80.96.68:443</a> tester HIER_NONE/- - - tester 746573746572 dagobah [-] - [-] - [-] - 0 0 - - [origin]<br>
[25/May/2023:15:08:57] 40 <a href="http://10.80.96.6:51028" rel="noreferrer" target="_blank">http://10.80.96.6:51028</a> - TCP_TUNNEL/500 800 CONNECT origin:443 tester HIER_DIRECT/origin 10.80.96.68 - tester 746573746572 dagobah [-] - [-] - [-] - 1969 2769 4 33 [origin]<br>
<br>
Can someone please help in this.<br>
<br>
Regards<br>
Sachin<br>
<br>
_______________________________________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org" target="_blank">squid-users@lists.squid-cache.org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><br>
</blockquote></div>