On 24/07/2013 4:37 p.m., PSA4444 wrote:
I am running a squid reverse proxy in a DMZ which allows the outside world to
access several websites I am hosting. One of these websites is a nagios
server.
Everything has been working well for months but this morning, users were not
able to access the nagios site.
Nobody has changed anything on either server for months. This is being
logged in access.log:
xx.xx.xx.xx TCP_MISS/403 680 GET http://nagios.blah.com/nagios -
FIRSTUP_PARENT/yy.yy.yy.yy text/html
xx.xx.xx.xx TCP_MISS/403 680 GET http://nagios.blah.com/favicon.ico -
FIRSTUP_PARENT/yy.yy.yy.yy text/html
xx.xx.xx.xx = source IP
yy.yy.yy.yy = unknown ip
Relevant entry:
#Nagios
cache_peer nagios.blah.com parent 80 0 no-query originserver name=nag
login=PASSTHRU
acl sites_nag dstdomain nagios.blah.com
cache_peer_access nag allow sites_nag firstclient
cache_peer_access nag allow sites_nag secondclient
cache_peer_access nag deny publicall
acl https proto https
http_access allow all
I have a hosts file entry pointing the squid server to the local nagios
server.
10.0.1.23 nagios.blah.com
Connecting directly to this via squid using the links browser works.
Connecting directly to the nagios server via firefox within the network also
works.
I have tried restarting squid and the apache service on the nagios server.
Any idea what's wrong, why this suddenly started happening and how to fix
it?
If you have more than one cache_peer directive in use the above snippet
of your config file may *not* be the relevant config line. Particularly
if yy.yy.yy.yy is not 10.0.1.23. Apparently yy.yy.yy.yy is an IP address
of *one* of your cache_peer entries. The cache manager "ipcache" report
should be able to tell you which one.
Amos
