[squid-dev] Basic tests results for the proxy protocol with squid.

Fri, 13 Mar 2015 01:08:32 -0700

I started testing squid 3.5.2 with the proxy protocol and I have setup a basic haproxy settings for it. 
http://ngtech.co.il/paste/1287/

copy of the logs at:
http://www1.ngtech.co.il/paste/1288/
While testing I started first haproxy with regular squid forward proxy and then moved to a proxy protocol supported forward proxy setup.
While with forward proxy the acls seems to work fine with the proxy protocol I am encountering couple weird things: 1426233543.491 28 192.168.10.131 TCP_MISS/404 611 GET http://ngtech.co.il/favico.ico - HIER_DIRECT/84.95.212.160 text/html 1426233562.110 29091 192.168.10.131 TCP_TUNNEL/200 3374 CONNECT tiles.services.mozilla.com:443 - HIER_DIRECT/54.149.185.208 - 1426233562.119 1 192.168.10.151 TCP_MISS/403 4324 GET http://ngtech.co.il/favicon.ico - HIER_NONE/- text/html 1426233562.122 5 192.168.10.131 TCP_MISS/403 4461 GET http://ngtech.co.il/favicon.ico - ORIGINAL_DST/192.168.10.151 text/html 1426233562.259 1 192.168.10.151 TCP_MISS/403 4382 GET http://www.squid-cache.org/Artwork/SN.png - HIER_NONE/- text/html 1426233562.261 3 192.168.10.131 TCP_MISS/403 4519 GET http://www.squid-cache.org/Artwork/SN.png - ORIGINAL_DST/192.168.10.151 text/html 1426233562.294 1 192.168.10.151 TCP_MISS/403 4306 GET http://ngtech.co.il/favicon.ico - HIER_NONE/- text/html 1426233562.296 2 192.168.10.131 TCP_MISS/403 4443 GET http://ngtech.co.il/favicon.ico - ORIGINAL_DST/192.168.10.151 text/html 


The first two requests are on the regular forward proxy port.
Then the 403 response is not a TCP_DENIED but I am still watching the screen and see a squid access denied page which is identified by the with the local proxy name. Why would I see an "ORIGINAL_DST" at all in these requests??? there is none...(else then the haproxy). 

So summery of the setup:
1 host with both squid and haproxy installed and configured for proxy protocol version 1(version 2 didn't worked for me at all) haproxy listens on one port(13128) and squid on receives the requests on the loopback interface(port 23128).
I think it's a bug but first I am putting the details here in the dev list and later next week I will file a bugzilla report. 

Eliezer
* I followed the release notes at http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html#ss2.7 
_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev

Reply via email to