We have configured two reverse proxy accelerators with squid for our web servers with load balancing (for a long time). All the incoming traffic is for our web servers, but in the squid logs we can see a few connections that aren't for our web servers (likely inappropriate use).
In a reverse proxy, for example:
200.30.146.106 - - [17/Oct/2003:20:09:05 +0200] "GET http://www.altavista.com/r? HTTP/1.0" 403 1359 TCP_DENIED:NONE
200.30.146.106 - - [17/Oct/2003:20:09:06 +0200] "GET http://www.altavista.com/a? HTTP/1.0" 403 1359 TCP_DENIED:NONE
200.30.146.106 - - [17/Oct/2003:20:09:11 +0200] "GET http://www.altavista.com/a? HTTP/1.0" 403 1359 TCP_DENIED:NONE
200.30.146.106 - - [17/Oct/2003:20:09:12 +0200] "GET http://www.altavista.com/web/results? HTTP/1.0" 403 1379 TCP_DENIED:NONE
200.30.146.106 - - [17/Oct/2003:20:09:15 +0200] "GET http://www.altavista.com/web/results? HTTP/1.0" 403 1379 TCP_DENIED:NONE
200.30.146.106 - - [17/Oct/2003:20:09:16 +0200] "GET http://www.altavista.com/a? HTTP/1.0" 403 1359 TCP_DENIED:NONE
200.30.146.106 - - [17/Oct/2003:20:09:19 +0200] "GET http://www.altavista.com/a? HTTP/1.0" 403 1359 TCP_DENIED:NONE
200.30.146.106 - - [17/Oct/2003:20:09:22 +0200] "GET http://www.yahoo.com/ HTTP/1.0" 403 1347 TCP_DENIED:NONE
200.30.146.106 - - [17/Oct/2003:20:09:29 +0200] "GET http://www.yahoo.com/ HTTP/1.0" 403 1347 TCP_DENIED:NONE
200.72.157.224 - - [17/Oct/2003:03:03:49 +0200] "GET http://members.msn.com/upload.msnw? HTTP/1.0" 403 1375 TCP_DENIED:NONE
200.72.157.224 - - [17/Oct/2003:03:03:51 +0200] "GET http://members.msn.com/upload.msnw? HTTP/1.0" 403 1375 TCP_DENIED:NONE
200.72.157.224 - - [17/Oct/2003:03:03:54 +0200] "GET http://members.msn.com/upload.msnw? HTTP/1.0" 403 1375 TCP_DENIED:NONE
vpn.consorcio.cl - - [17/Oct/2003:15:53:20 +0200] "GET http://www.google.cl/search? HTTP/1.0" 403 1361 TCP_DENIED:NONE
vpn.consorcio.cl - - [17/Oct/2003:15:53:28 +0200] "GET http://www.google.cl/search? HTTP/1.0" 403 1361 TCP_DENIED:NONE
vpn.consorcio.cl - - [17/Oct/2003:15:53:31 +0200] "GET http://www.google.cl/search? HTTP/1.0" 403 1361 TCP_DENIED:NONE
vpn.consorcio.cl - - [17/Oct/2003:15:53:38 +0200] "GET http://www.google.cl/search? HTTP/1.0" 403 1361 TCP_DENIED:NONE
vpn.consorcio.cl - - [17/Oct/2003:15:53:51 +0200] "GET http://www.google.cl/url? HTTP/1.0" 403 1355 TCP_DENIED:NONE
All the inappropriate traffic is denied by squid, but we would like to know the reason for the requests (a bad configuration or deliberate?)
Thanks!
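One way to triage entries like the ones in the post, as an added example that is not part of the original message: parse the access log and group, per client, the requests whose request line names a host the accelerator does not front. `ACCELERATED_HOSTS` is a hypothetical placeholder for the site's own hostnames, and the sample log is constructed (documentation addresses and example domains) in the same format as the lines above.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Hypothetical: hostnames this accelerator actually fronts (not given in the post).
ACCELERATED_HOSTS = {"www.example.org"}

# Constructed sample in the same log format as the lines in the post.
SAMPLE_LOG = """\
192.0.2.10 - - [17/Oct/2003:20:09:05 +0200] "GET http://search.example.net/r? HTTP/1.0" 403 1359 TCP_DENIED:NONE
192.0.2.10 - - [17/Oct/2003:20:09:06 +0200] "GET http://search.example.net/a? HTTP/1.0" 403 1359 TCP_DENIED:NONE
192.0.2.10 - - [17/Oct/2003:20:09:22 +0200] "GET http://portal.example.com/ HTTP/1.0" 403 1347 TCP_DENIED:NONE
198.51.100.7 - - [17/Oct/2003:20:10:01 +0200] "GET http://www.example.org/index.html HTTP/1.0" 200 5120 TCP_MEM_HIT:NONE
198.51.100.7 - - [17/Oct/2003:20:10:02 +0200] "GET /news/ HTTP/1.0" 200 2048 TCP_MISS:DIRECT
203.0.113.5 - - [17/Oct/2003:20:11:40 +0200] "CONNECT mail.example.net:443 HTTP/1.0" 403 1300 TCP_DENIED:NONE
this line is truncated garbage
"""

LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)(?: \S+)?" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) (?P<result>[A-Z_]+):\S+$'
)

def requested_host(method, target):
    """Host named in the request line, or None for an origin-form path."""
    if method == "CONNECT":                      # authority-form: host:port
        return target.rsplit(":", 1)[0].lower()
    if "://" in target:                          # absolute-form, as in the post
        return (urlsplit(target).hostname or "").lower()
    return None                                  # "/path": normal accelerator traffic

def foreign_requests(log_text, own_hosts=ACCELERATED_HOSTS):
    """Per client: Counter of foreign hosts requested and how many were denied."""
    report = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:                                # skip malformed or truncated lines
            continue
        host = requested_host(m["method"], m["target"])
        if host is None or host in own_hosts:
            continue
        entry = report.setdefault(m["client"], {"hosts": Counter(), "denied": 0})
        entry["hosts"][host] += 1
        entry["denied"] += m["result"] == "TCP_DENIED"
    return report
```

Comparing each client's total foreign requests with its `denied` count confirms whether every such request was actually refused, and the per-client host list shows how many distinct outside sites each source asked for.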
