[squid-users] TCP_RESET non http requests on port 80
Omid Kosari
omidkosari at yahoo.com
Mon Aug 29 13:40:56 UTC 2016
Alex Rousskov wrote
> On 08/28/2016 03:10 AM, Omid Kosari wrote:
>> Alex Rousskov wrote
>>> I understand that it works for regular requests. Does it also work
>>> (i.e.,
>>> does Squid reset the connection) when handling a non-HTTP request on
>>> port 80?
>
>> No , when the request is non-HTTP it does not reset the connection .
>
> Great. Now please go back to the simpler configuration I asked you to
> test some time ago:
>
> http_reply_access deny all
> deny_info TCP_RESET all
>
> Does that work for non-HTTP request on port 80?
config:
http_reply_access deny all
deny_info TCP_RESET all
=====
test type:
telnet 123.com 80
sgsdgsdgsdgsdg
RESULT:
HTTP/1.1 403 Forbidden
Server: squid
Mime-Version: 1.0
Date: Mon, 29 Aug 2016 13:30:47 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 5
X-Cache: MISS from cache1
X-Cache-Lookup: NONE from cache1:3128
Connection: close
reset
Connection to host lost.
==========================================
Alex Rousskov wrote
> I am confused. Earlier you said "As i mention before the deny_info works
> in other configs" and gave a very similar configuration example with
> dstdomain ACL. Now you are showing that this example does _not_ work
> even with regular requests (you are getting HTTP headers from Squid
> instead of a TCP connection reset). Am I missing something?
Sorry i mean with adapted_http_access . Maybe my typo
--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/TCP-RESET-non-http-requests-on-port-80-tp4679102p4679239.html
Sent from the Squid - Users mailing list archive at Nabble.com.
More information about the squid-users
mailing list