[squid-users] intercept squid 3.5.1, http://mail.ru

Dima Ermakov demonihin at gmail.com
Fri Feb 13 18:32:29 UTC 2015


Good day!

I have a problem with squid proxy in intercept ssl_bump mode.

If I want to attach a big file (>25MB) to my e-mail message on the https://mail.ru
web site, I get the error "Can not upload file".

In access.log I have errors: TCP_MISS_ABORTED/000

My squid configuration, access.log and cache.log are in the attachment.
Thank you!

-- 
Best regards, Dmitry Ermakov.
-------------- next part --------------
2015/02/13 21:16:42 kid1| Current Directory is /
2015/02/13 21:16:42 kid1| Starting Squid Cache version 3.5.1 for i486-pc-linux-gnu...
2015/02/13 21:16:42 kid1| Service Name: squid
2015/02/13 21:16:42 kid1| Process ID 32428
2015/02/13 21:16:42 kid1| Process Roles: worker
2015/02/13 21:16:42 kid1| With 65535 file descriptors available
2015/02/13 21:16:42 kid1| Initializing IP Cache...
2015/02/13 21:16:42 kid1| DNS Socket created at [::], FD 7
2015/02/13 21:16:42 kid1| DNS Socket created at 0.0.0.0, FD 8
2015/02/13 21:16:42 kid1| Adding nameserver 8.8.8.8 from /etc/resolv.conf
2015/02/13 21:16:42 kid1| helperOpenServers: Starting 5/50 'ssl_crtd' processes
2015/02/13 21:16:42 kid1| Logfile: opening log daemon:/var/log/squid3/access.log
2015/02/13 21:16:42 kid1| Logfile Daemon: opening log /var/log/squid3/access.log
2015/02/13 21:16:42 kid1| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2015/02/13 21:16:42 kid1| Store logging disabled
2015/02/13 21:16:42 kid1| Swap maxSize 0 + 262144 KB, estimated 20164 objects
2015/02/13 21:16:42 kid1| Target number of buckets: 1008
2015/02/13 21:16:42 kid1| Using 8192 Store buckets
2015/02/13 21:16:42 kid1| Max Mem  size: 262144 KB
2015/02/13 21:16:42 kid1| Max Swap size: 0 KB
2015/02/13 21:16:42 kid1| Using Least Load store dir selection
2015/02/13 21:16:42 kid1| Current Directory is /
2015/02/13 21:16:42 kid1| Finished loading MIME types and icons.
2015/02/13 21:16:42 kid1| HTCP Disabled.
2015/02/13 21:16:42 kid1| Squid plugin modules loaded: 0
2015/02/13 21:16:42 kid1| Adaptation support is off.
2015/02/13 21:16:42 kid1| Accepting HTTP Socket connections at local=[::]:3130 remote=[::] FD 23 flags=9
2015/02/13 21:16:42 kid1| Accepting NAT intercepted HTTP Socket connections at local=[::]:3128 remote=[::] FD 24 flags=41
2015/02/13 21:16:42 kid1| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=[::]:3127 remote=[::] FD 25 flags=41
2015/02/13 21:16:43 kid1| storeLateRelease: released 0 objects
2015/02/13 21:17:26 kid1| Preparing for shutdown after 66 requests
2015/02/13 21:17:26 kid1| Waiting 30 seconds for active connections to finish
2015/02/13 21:17:26 kid1| Closing HTTP port [::]:3130
2015/02/13 21:17:26 kid1| Closing HTTP port [::]:3128
2015/02/13 21:17:26 kid1| Closing HTTPS port [::]:3127
2015/02/13 21:17:26 kid1| Shutdown: NTLM authentication.
2015/02/13 21:17:26 kid1| Shutdown: Negotiate authentication.
2015/02/13 21:17:26 kid1| Shutdown: Digest authentication.
2015/02/13 21:17:26 kid1| Shutdown: Basic authentication.
2015/02/13 21:17:57 kid1| Shutting down...
2015/02/13 21:17:57 kid1| storeDirWriteCleanLogs: Starting...
2015/02/13 21:17:57 kid1|   Finished.  Wrote 0 entries.
2015/02/13 21:17:57 kid1|   Took 0.00 seconds (  0.00 entries/sec).
CPU Usage: 0.880 seconds = 0.660 user + 0.220 sys
Maximum Resident Size: 87968 KB
Page faults with physical i/o: 0
2015/02/13 21:17:57 kid1| Logfile: closing log daemon:/var/log/squid3/access.log
2015/02/13 21:17:57 kid1| Logfile Daemon: closing log daemon:/var/log/squid3/access.log
2015/02/13 21:17:57 kid1| Open FD UNSTARTED     7 DNS Socket IPv6
2015/02/13 21:17:57 kid1| Open FD READ/WRITE    8 DNS Socket IPv4
2015/02/13 21:17:57 kid1| Open FD READ/WRITE   10 ssl_crtd #1
2015/02/13 21:17:57 kid1| Open FD UNSTARTED    12 ssl_crtd #2
2015/02/13 21:17:57 kid1| Open FD UNSTARTED    14 ssl_crtd #3
2015/02/13 21:17:57 kid1| Open FD UNSTARTED    16 ssl_crtd #4
2015/02/13 21:17:57 kid1| Open FD UNSTARTED    18 ssl_crtd #5
2015/02/13 21:17:57 kid1| Open FD UNSTARTED    21 IPC UNIX STREAM Parent
2015/02/13 21:17:57 kid1| Squid Cache (Version 3.5.1): Exiting normally.
-------------- next part --------------
acl localnet src 192.168.100.0/24

acl SSL_ports port 443
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443		# https
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 777		# multiling http
acl CONNECT method CONNECT

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

http_access allow localhost manager
http_access deny manager



http_access allow localnet
http_access allow localhost

http_access deny all

http_port 3130

http_port 3128 intercept
https_port 3127 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=8MB cert=/etc/squid3/ssl_certs/squidCA.pem
acl broken_sites dstdomain .example.com

acl broken_sites dstdomain "/etc/squid3/adapted_sites/files.mail.ru"




sslproxy_cafile /etc/ssl/certs/ca-certificates.crt
ssl_bump none localhost
ssl_bump none broken_sites
ssl_bump server-first all
sslcrtd_program /usr/lib/squid3/ssl_crtd -s /var/squid/ssl_db -M 4MB
sslcrtd_children 50


acl no_cache dstdomain "/etc/squid3/adapted_sites/files.mail.ru"
cache deny no_cache
cache allow all


refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern .		0	20%	4320

-------------- next part --------------
1423851413.365    235 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.150:443 - ORIGINAL_DST/217.69.141.150 -
1423851413.368    228 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.150:443 - ORIGINAL_DST/217.69.141.150 -
1423851413.565    178 192.168.100.111 TCP_MISS/410 291 GET https://jim24.mail.ru/connect? - ORIGINAL_DST/217.69.141.150 text/html
1423851413.570    228 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.150:443 - ORIGINAL_DST/217.69.141.150 -
1423851413.670     81 192.168.100.111 TCP_MISS/410 291 POST https://jim24.mail.ru/helper? - ORIGINAL_DST/217.69.141.150 text/html
1423851413.904    233 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.180.77:443 - ORIGINAL_DST/94.100.180.77 -
1423851413.943    240 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.139.56:443 - ORIGINAL_DST/217.69.139.56 -
1423851413.950    236 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.139.56:443 - ORIGINAL_DST/217.69.139.56 -
1423851413.974    309 192.168.100.111 TAG_NONE/200 0 CONNECT 185.5.137.172:443 - ORIGINAL_DST/185.5.137.172 -
1423851414.018    312 192.168.100.111 TAG_NONE/200 0 CONNECT 185.5.137.172:443 - ORIGINAL_DST/185.5.137.172 -
1423851414.051    244 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.181.219:443 - ORIGINAL_DST/94.100.181.219 -
1423851414.117    154 192.168.100.111 TCP_MISS/200 651 GET https://jiml.mail.ru/user/status? - ORIGINAL_DST/217.69.139.56 application/json
1423851414.202    175 192.168.100.111 TCP_MISS/200 329 GET https://waerr.radar.imgsmail.ru/update? - ORIGINAL_DST/185.5.137.172 image/gif
1423851414.210    151 192.168.100.111 TCP_MISS/200 408 GET https://rs.mail.ru/d1346376.gif? - ORIGINAL_DST/94.100.181.219 image/gif
1423851414.249     77 192.168.100.111 TCP_MISS/200 408 GET https://rs.mail.ru/d706711.gif? - ORIGINAL_DST/94.100.180.77 image/gif
1423851414.550    313 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.180.174:443 - ORIGINAL_DST/94.100.180.174 -
1423851414.673    309 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.139.174:443 - ORIGINAL_DST/217.69.139.174 -
1423851414.777    306 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.151:443 - ORIGINAL_DST/217.69.141.151 -
1423851414.834    154 192.168.100.111 TCP_MISS/200 329 GET https://mrilog.mail.ru/empty.gif? - ORIGINAL_DST/217.69.139.174 image/gif
1423851414.955    167 192.168.100.111 TCP_MISS/200 2462 GET https://jim25.mail.ru/communicate.html? - ORIGINAL_DST/217.69.141.151 text/html
1423851415.299    233 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.190.95:443 - ORIGINAL_DST/94.100.190.95 -
1423851415.450    303 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.151:443 - ORIGINAL_DST/217.69.141.151 -
1423851415.626    163 192.168.100.111 TCP_MISS/200 669 GET https://jim25.mail.ru/connect? - ORIGINAL_DST/217.69.141.151 application/json
1423851416.000    307 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.151:443 - ORIGINAL_DST/217.69.141.151 -
1423851416.014    310 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.151:443 - ORIGINAL_DST/217.69.141.151 -
1423851416.106     83 192.168.100.111 TCP_MISS/200 669 GET https://jim25.mail.ru/connect? - ORIGINAL_DST/217.69.141.151 application/json
1423851416.245     80 192.168.100.111 TCP_MISS/200 394 POST https://jim25.mail.ru/wp? - ORIGINAL_DST/217.69.141.151 text/html
1423851416.410    232 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.151:443 - ORIGINAL_DST/217.69.141.151 -
1423851416.420    236 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.151:443 - ORIGINAL_DST/217.69.141.151 -
1423851416.506     78 192.168.100.111 TCP_MISS/200 957 GET https://jim25.mail.ru/connect? - ORIGINAL_DST/217.69.141.151 application/json
1423851416.619     80 192.168.100.111 TCP_MISS/200 394 POST https://jim25.mail.ru/wp? - ORIGINAL_DST/217.69.141.151 text/html
1423851416.792    242 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.151:443 - ORIGINAL_DST/217.69.141.151 -
1423851416.796    241 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.151:443 - ORIGINAL_DST/217.69.141.151 -
1423851416.909     96 192.168.100.111 TCP_MISS/200 721 GET https://jim25.mail.ru/connect? - ORIGINAL_DST/217.69.141.151 application/json
1423851433.265    253 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.181.219:443 - ORIGINAL_DST/94.100.181.219 -
1423851433.284    267 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.181.219:443 - ORIGINAL_DST/94.100.181.219 -
1423851433.442     77 192.168.100.111 TCP_MISS/200 408 GET https://rs.mail.ru/d440893.gif? - ORIGINAL_DST/94.100.181.219 image/gif
1423851433.508    242 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.181.219:443 - ORIGINAL_DST/94.100.181.219 -
1423851433.592     76 192.168.100.111 TCP_MISS/200 321 GET https://rs.mail.ru/sb440893.gif? - ORIGINAL_DST/94.100.181.219 image/gif
1423851433.735    251 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.181.219:443 - ORIGINAL_DST/94.100.181.219 -
1423851436.106    249 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.190.95:443 - ORIGINAL_DST/94.100.190.95 -
1423851436.121    255 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.190.95:443 - ORIGINAL_DST/94.100.190.95 -
1423851436.220    260 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.184.41:443 - ORIGINAL_DST/94.100.184.41 -
1423851436.239    258 192.168.100.111 TAG_NONE/200 0 CONNECT 94.100.184.41:443 - ORIGINAL_DST/94.100.184.41 -
1423851436.284    331 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.138:443 - ORIGINAL_DST/217.69.141.138 -
1423851436.360    247 192.168.100.111 TAG_NONE/200 0 CONNECT 128.140.168.248:443 - ORIGINAL_DST/128.140.168.248 -
1423851436.378    254 192.168.100.111 TAG_NONE/200 0 CONNECT 128.140.168.248:443 - ORIGINAL_DST/128.140.168.248 -
1423851436.461    210 192.168.100.111 TCP_MISS/200 966 GET https://ssl.files.mail.ru/cgi-bin/files/fajaxcall? - ORIGINAL_DST/94.100.184.41 text/plain
1423851436.463    322 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.144:443 - ORIGINAL_DST/217.69.141.144 -
1423851436.528    157 192.168.100.111 TCP_MISS/304 371 GET https://img.imgsmail.ru/mail/ru/images/popupbox_tail.gif - ORIGINAL_DST/128.140.168.248 -
1423851436.528    141 192.168.100.111 TCP_MISS/304 372 GET https://img.imgsmail.ru/mail/ru/images/ru/_sp_ico.png? - ORIGINAL_DST/128.140.168.248 -
1423851436.654    159 192.168.100.111 TCP_MISS/200 329 GET https://mail.radar.imgsmail.ru/update? - ORIGINAL_DST/217.69.141.144 image/gif
1423851436.657    159 192.168.100.111 TCP_MISS/200 329 GET https://mail.radar.imgsmail.ru/update? - ORIGINAL_DST/217.69.141.138 image/gif
1423851437.135    244 192.168.100.111 TAG_NONE/200 0 CONNECT 128.140.171.172:443 - ORIGINAL_DST/128.140.171.172 -
1423851437.395    250 192.168.100.111 TCP_MISS/200 552 OPTIONS https://upload196.files.mail.ru/upload_ext_1394/? - ORIGINAL_DST/128.140.171.172 -
1423851437.493     92 192.168.100.111 TCP_MISS_ABORTED/000 0 POST https://upload196.files.mail.ru/upload_ext_1394/? - ORIGINAL_DST/128.140.171.172 -
1423851437.865    245 192.168.100.111 TAG_NONE/200 0 CONNECT 128.140.171.172:443 - ORIGINAL_DST/128.140.171.172 -

## After this error in the log, I get the error "Can not upload file" in the browser.
1423851437.957     82 192.168.100.111 TCP_MISS_ABORTED/000 0 POST https://upload196.files.mail.ru/upload_ext_1394/? - ORIGINAL_DST/128.140.171.172 -

1423851440.091    310 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.144:443 - ORIGINAL_DST/217.69.141.144 -
1423851440.093    308 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.144:443 - ORIGINAL_DST/217.69.141.144 -
1423851440.097    306 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.144:443 - ORIGINAL_DST/217.69.141.144 -
1423851440.192     85 192.168.100.111 TCP_MISS/200 329 GET https://mail.radar.imgsmail.ru/update? - ORIGINAL_DST/217.69.141.144 image/gif
1423851440.220    307 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.144:443 - ORIGINAL_DST/217.69.141.144 -
1423851440.227    309 192.168.100.111 TAG_NONE/200 0 CONNECT 217.69.141.144:443 - ORIGINAL_DST/217.69.141.144 -
1423851440.270     76 192.168.100.111 TCP_MISS/200 329 GET https://mail.radar.imgsmail.ru/update? - ORIGINAL_DST/217.69.141.144 image/gif
1423851440.274     78 192.168.100.111 TCP_MISS/200 329 GET https://mail.radar.imgsmail.ru/update? - ORIGINAL_DST/217.69.141.144 image/gif
1423851473.129  56160 192.168.100.111 TCP_MISS_ABORTED/000 0 GET https://jim25.mail.ru/connect? - ORIGINAL_DST/217.69.141.151 -
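
A triage sketch for the access.log above, added here as an example (it is not part of the original post or of Squid): it parses Squid's native log format and separates `_ABORTED/000` transactions that ended quickly from those that ended after a long wait, keeping the ORIGINAL_DST address for each. The function names and the 1000 ms threshold are assumptions chosen for illustration.

```python
import re
from urllib.parse import urlsplit

# Lines taken from the access.log attachment above.
SAMPLE = """\
1423851437.395    250 192.168.100.111 TCP_MISS/200 552 OPTIONS https://upload196.files.mail.ru/upload_ext_1394/? - ORIGINAL_DST/128.140.171.172 -
1423851437.493     92 192.168.100.111 TCP_MISS_ABORTED/000 0 POST https://upload196.files.mail.ru/upload_ext_1394/? - ORIGINAL_DST/128.140.171.172 -
1423851437.865    245 192.168.100.111 TAG_NONE/200 0 CONNECT 128.140.171.172:443 - ORIGINAL_DST/128.140.171.172 -
1423851437.957     82 192.168.100.111 TCP_MISS_ABORTED/000 0 POST https://upload196.files.mail.ru/upload_ext_1394/? - ORIGINAL_DST/128.140.171.172 -
1423851473.129  56160 192.168.100.111 TCP_MISS_ABORTED/000 0 GET https://jim25.mail.ru/connect? - ORIGINAL_DST/217.69.141.151 -
"""

# Native format: time elapsed_ms client result/status bytes method URL user hierarchy/peer type
LINE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+(?P<ms>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<result>\w+)/(?P<status>\d{3})\s+(?P<bytes>\d+)\s+"
    r"(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<user>\S+)\s+"
    r"(?P<hier>\w+)/(?P<peer>\S+)\s+(?P<mime>\S+)$"
)

def parse(line):
    """Return a dict for one access.log line, or None if it does not match."""
    m = LINE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ms"] = int(rec["ms"])
    # Intercepted CONNECT lines carry "ip:port" rather than a full URL.
    url = rec["url"]
    rec["host"] = urlsplit(url).hostname if "://" in url else url.rsplit(":", 1)[0]
    return rec

def aborted(lines, slow_ms=1000):
    """Split aborted transactions with no HTTP status into (fast, slow) by elapsed time."""
    fast, slow = [], []
    for line in lines:
        rec = parse(line)
        if rec and rec["result"].endswith("_ABORTED") and rec["status"] == "000":
            row = (rec["method"], rec["host"], rec["peer"], rec["ms"])
            (slow if rec["ms"] >= slow_ms else fast).append(row)
    return fast, slow

if __name__ == "__main__":
    fast, slow = aborted(SAMPLE.splitlines())
    print("aborted quickly:", fast)
    print("aborted after a long wait:", slow)
```
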

