[squid-users] squid return (TCP_MISS/403 353) on some specific Links on YouTube
snakeeyes
ahmed.zaeem at netstream.ps
Tue Jun 2 22:03:16 UTC 2015
Hi ,
A developed guy developed a script that convert Links of sommon sites like
youtube to other Links
The sciprt connecto to proxy and transfer the Link.
The script works well for some websites and give response like :
https://www.youtube.com/watch?v=zYBgFeLCp3E
response on cache.log
==============
1433246384.626 245 195.154.200.58 TCP_MISS/200 38660 GET
http://www.youtube.com/get_video_info? - HIER_DIRECT/195.95.178.110
application/x-www-form-urlencoded
1433246384.802 62 195.154.200.58 TCP_MISS/200 454 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/mp4
1433246385.027 125 195.154.200.58 TCP_MISS/200 454 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/webm
1433246386.239 123 195.154.200.58 TCP_MISS/200 453 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/mp4
1433246386.469 121 195.154.200.58 TCP_MISS/200 455 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/x-flv
1433246386.709 139 195.154.200.58 TCP_MISS/200 454 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/3gpp
1433246386.941 121 195.154.200.58 TCP_MISS/200 453 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/3gpp
1433246387.181 131 195.154.200.58 TCP_MISS/200 454 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/mp4
1433246387.334 61 195.154.200.58 TCP_MISS/200 454 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/webm
1433246387.756 61 195.154.200.58 TCP_MISS/200 453 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/mp4
1433246387.927 61 195.154.200.58 TCP_MISS/200 454 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/webm
1433246388.097 71 195.154.200.58 TCP_MISS/200 453 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/mp4
1433246388.267 72 195.154.200.58 TCP_MISS/200 454 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/webm
1433246389.432 62 195.154.200.58 TCP_MISS/200 453 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/mp4
1433246389.614 62 195.154.200.58 TCP_MISS/200 454 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/webm
1433246389.798 82 195.154.200.58 TCP_MISS/200 452 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 video/mp4
1433246389.958 72 195.154.200.58 TCP_MISS/200 452 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 audio/mp4
1433246390.127 63 195.154.200.58 TCP_MISS/200 453 HEAD
http://r2---sn-8pgbpohxqp5-ac5e.googlevideo.com/videoplayback? -
HIER_DIRECT/82.15.95.141 audio/webm
===============
Response feedback from script :
xxxx:40000
HTTP/1.1 200 OK
Content-Type: video/mp4
Last-Modified: Thu, 23 Apr 2015 05:52:23 GMT
Date: Tue, 02 Jun 2015 11:51:24 GMT
Expires: Tue, 02 Jun 2015 11:51:24 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 165062830
HTTP/1.1 200 OK
Content-Type: video/webm
Last-Modified: Fri, 12 Dec 2014 12:46:34 GMT
Date: Tue, 02 Jun 2015 11:51:24 GMT
Expires: Tue, 02 Jun 2015 11:51:24 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 52618326
HTTP/1.1 200 OK
Content-Type: video/mp4
Last-Modified: Thu, 23 Apr 2015 05:49:33 GMT
Date: Tue, 02 Jun 2015 11:51:24 GMT
Expires: Tue, 02 Jun 2015 11:51:24 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 46393506
HTTP/1.1 200 OK
Content-Type: video/x-flv
Last-Modified: Fri, 12 Dec 2014 12:31:53 GMT
Date: Tue, 02 Jun 2015 11:51:25 GMT
Expires: Tue, 02 Jun 2015 11:51:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 25122119
HTTP/1.1 200 OK
Content-Type: video/3gpp
Last-Modified: Fri, 12 Dec 2014 12:40:48 GMT
Date: Tue, 02 Jun 2015 11:51:25 GMT
Expires: Tue, 02 Jun 2015 11:51:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 17139471
HTTP/1.1 200 OK
Content-Type: video/3gpp
Last-Modified: Fri, 12 Dec 2014 12:39:17 GMT
Date: Tue, 02 Jun 2015 11:51:25 GMT
Expires: Tue, 02 Jun 2015 11:51:25 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 6248631
=============
For some youtube links like vevo videos we have error TCPMIS/403 !!!
https://www.youtube.com/watch?v=ab9176Srb5Y
RECT/62.252.232.19 text/plain
1433246591.307 128 195.154.200.58 TCP_MISS/403 353 HEAD
http://r8---sn-8pgbpohxqp5-ac5l.googlevideo.com/videoplayback? -
HIER_DIRECT/62.252.232.19 text/plain
1433246591.530 129 195.154.200.58 TCP_MISS/403 353 HEAD
http://r8---sn-8pgbpohxqp5-ac5l.googlevideo.com/videoplayback? -
HIER_DIRECT/62.252.232.19 text/plain
1433246591.752 121 195.154.200.58 TCP_MISS/403 353 HEAD
http://r8---sn-8pgbpohxqp5-ac5l.googlevideo.com/videoplayback? -
HIER_DIRECT/62.252.232.19 text/plain
1433246591.977 120 195.154.200.58 TCP_MISS/403 353 HEAD
http://r8---sn-8pgbpohxqp5-ac5l.googlevideo.com/videoplayback? -
HIER_DIRECT/62.252.232.19 text/plain
1433246592.218 125 195.154.200.58 TCP_MISS/403 353 HEAD
http://r8---sn-8pgbpohxqp5-ac5l.googlevideo.com/videoplayback? -
HIER_DIRECT/62.252.232.19 text/plain
SCRIPT FEEDBACK
XXX:40000
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
X-Content-Type-Options: nosniff
Date: Tue, 02 Jun 2015 12:03:03 GMT
Server: gvs 1.0
X-Cache: MISS from Largerock-squid
X-Cache-Lookup: MISS from Largerock-squid:40000
Via: 1.1 Largerock-squid (squid/3.5.2)
Connection: keep-alive
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
X-Content-Type-Options: nosniff
Date: Tue, 02 Jun 2015 12:03:04 GMT
Server: gvs 1.0
X-Cache: MISS from Largerock-squid
X-Cache-Lookup: MISS from Largerock-squid:40000
Via: 1.1 Largerock-squid (squid/3.5.2)
Connection: keep-alive
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
X-Content-Type-Options: nosniff
Date: Tue, 02 Jun 2015 12:03:05 GMT
Server: gvs 1.0
X-Cache: MISS from Largerock-squid
X-Cache-Lookup: MISS from Largerock-squid:40000
Via: 1.1 Largerock-squid (squid/3.5.2)
Connection: keep-alive
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
X-Content-Type-Options: nosniff
Date: Tue, 02 Jun 2015 12:03:05 GMT
Server: gvs 1.0
X-Cache: MISS from Largerock-squid
X-Cache-Lookup: MISS from Largerock-squid:40000
Via: 1.1 Largerock-squid (squid/3.5.2)
Connection: keep-alive
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
X-Content-Type-Options: nosniff
Date: Tue, 02 Jun 2015 12:03:06 GMT
Server: gvs 1.0
X-Cache: MISS from Largerock-squid
X-Cache-Lookup: MISS from Largerock-squid:40000
Via: 1.1 Largerock-squid (squid/3.5.2)
Connection: keep-alive
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
HTTP/1.1 403 Forbidden
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Content-Type: text/plain
Content-Length: 0
X-Content-Type-Options: nosniff
Date: Tue, 02 Jun 2015 12:03:06 GMT
Server: gvs 1.0
X-Cache: MISS from Largerock-squid
X-Cache-Lookup: MISS from Largerock-squid:40000
Via: 1.1 Largerock-squid (squid/3.5.2)
Connection: keep-alive
Squid.conf file :
cache_effective_user squid
cache_effective_group squid
#
# Recommended minimum configuration:
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src xxxx/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged)
machines
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost
# And finally deny all other access to this proxy
http_access deny all
# Squid normally listens to port 3128
http_port 3128
######################################
################################################
# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/cache/squid 100 16 256
# Leave coredumps in the first cache dir
coredump_dir /var/cache/squid
#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
Squid Cache: Version 3.5.2
Service Name: squid
configure options: '--prefix=/usr' '--includedir=/include'
'--mandir=/share/man' '--infodir=/share/info' '--sysconfdir=/etc'
'--enable-cachemgr-hostname=xxx '--localstatedir=/var'
'--libexecdir=/lib/squid' '--disable-maintainer-mode'
'--disable-dependency-tracking' '--disable-silent-rules' '--srcdir=.'
'--datadir=/usr/share/squid' '--sysconfdir=/etc/squid'
'--mandir=/usr/share/man' '--enable-inline' '--enable-async-io=8'
'--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap'
'--enable-delay-pools' '--enable-cache-digests' '--enable-underscores'
'--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth'
'--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam
,squid_radius_auth,multi-domain-NTLM' '--enable-ntlm-auth-helpers=smb_lm'
'--enable-digest-auth-helpers=ldap,password'
'--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-esi'
'--disable-translation' '--with-logdir=/var/log/squid'
'--with-pidfile=/var/run/squid.pid' '--with-filedescriptors=131072'
'--with-large-files' '--with-default-user=squid' '--enable-linux-netfilter'
'--enable-ltdl-convenience' '--enable-ssl' '--enable-ssl-crtd'
'--enable-arp-acl' 'CXXFLAGS=-DMAXTCPLISTENPORTS=20000' '--with-openssl'
'--enable-snmp' '--with-included-ltdl'
root at box2:~#
Any help why some sites give me response 403 and some sites ok on youtyube
????
thankx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150602/1bb5e60d/attachment-0001.html>
More information about the squid-users
mailing list