[zorp-hu] Furcsa hiba
Hegedus Ferenc
zorp-hu@lists.balabit.hu
Tue, 30 Nov 2004 14:19:07 +0100
On 2004 Aug 16 at 15:03, Balazs Scheidler wrote:
> On Mon, 2004-08-09 at 20:57, Hegedus Ferenc wrote:
> > Sziasztok
> >
> > Idonekent fellep nalam egy furcsa hiba es szeretnem megkerdezni,
> > hogy mas talalkozott-e mar vele.
> >
> > Elojott mar 2.4.24 es 2.4.26-os kernel-en, 2.0.8-as
> > es 2.0.9-es Zorp-al (woody-ra forditott),
> > tobb gepen is, de nem jottem ra mi valtja ki.
> >
> > A transzparens proxyk kozul az egyik (vagy mind)
> > veletlenszeru idoszakonkent (1 nap - 1 honap)
> > egyszercsak ugy dont, hogy mostantol "DAC policy violation".
> > A zorpctl restart utan pedig megjavul. Sajnos nem tudom
> > pontosabban leirni a hibat. Koszi!
>
> a DAC policy violation mindig azt jelenti, hogy a Zorp vagy nem talalta
> meg a kliensnek/szervernek megfelelo zonat.
>
> nagy valoszinuseggel olyan gond lehet, hogy nem jol talalja meg a
> szerver eredeti celcimet. meg tudod nezni a logjaidat, hogy
> kliens/szerver oldalon van a gond, illetve, hogy melyik cim kapcsan van
> a baja?
>
> (esetleg log levelt sem art emelni ilyenkor, USR1 signallal tudod
> megtenni a zorp ujrainditasa nelkul)
>
> --
> Bazsi
> PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
Szia
Egy darabig eltunt a hiba, de ma ismet elokerult,a level aljara
bemasoltam a verbose_level='10' logot.
Van benne egy sajat logolas:
FROM: AF_INET(192.168.0.5:2133) TO: AF_INET(192.168.0.1:50080) GET: http://www.bbrt.hu/
Ez amikor jol mukodik (Zorp ujrainditasa utan) ugy nez ki, hogy:
FROM: AF_INET(192.168.0.5:2135) TO: AF_INET(195.56.141.41:80) GET: http://www.bbrt.hu/
Mintha elfelejteni, hogy van tproxy...
Zorp 2.0.9-5 (Sarge), linux-2.4.28 + cttproxy-2.4.27-1.2.1, iptables 1.2.7a
http[25296]: (zorp/intra_http:105/http): thread starting;
http[25296]: (zorp/intra_http:105/http): calling __config__() event;
http[25296]: (zorp/intra_http:105/http): calling config() event;
http[25296]: (zorp/intra_http:105/http): Attribute fetched; attribute='request', value='<Zorp hash object at 0x4058f0e0>'
http[25296]: (zorp/intra_http:105/http): Attribute fetched; attribute='request_header', value='<Zorp hash object at 0x4058f140>'
http[25296]: (zorp/intra_http:105/http): Attribute fetched; attribute='request_header', value='<Zorp hash object at 0x4058f140>'
http[25296]: (zorp/intra_http:105/http): Attribute fetched; attribute='response_header', value='<Zorp hash object at 0x4058f130>'
http[25296]: (zorp/intra_http:105/http): Attribute fetched; attribute='request', value='<Zorp hash object at 0x4058f0e0>'
http[25296]: (zorp/intra_http:105/http): Attribute fetched; attribute='request', value='<Zorp hash object at 0x4058f0e0>'
http[25296]: (zorp/intra_http:105/http): Attribute changed; attribute='require_host_header', newvalue='0'
http[25296]: (zorp/intra_http:105/http): Attribute changed; attribute='max_chunk_length', newvalue='131072'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='max_url_length', value='4096'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='max_header_lines', value='50'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='response', value='<Zorp Multidimensional hash object at 0x4058f1a0>'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='max_chunk_length', value='131072'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='max_body_length', value='0'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='auth_inband_supported', value='1'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='target_port_range', value=''80,443''
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='request_header', value='<Zorp hash object at 0x4058f140>'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='parent_proxy_port', value='3128'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='timeout_request', value='10000'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='permit_unicode_url', value='0'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='rewrite_host_header', value='1'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='strict_header_checking', value='1'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='require_host_header', value='0'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='auth', value='<NULL>'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='error_files_directory', value=''/usr/share/zorp/http''
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='default_port', value='80'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='permit_server_requests', value='1'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='transparent_mode', value='1'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='max_hostname_length', value='256'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='response_header', value='<Zorp hash object at 0x4058f130>'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='timeout', value='300000'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='request', value='<Zorp hash object at 0x4058f0e0>'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='max_keepalive_requests', value='0'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='error_status', value='500'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='error_silent', value='0'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='permit_proxy_requests', value='0'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='permit_null_response', value='1'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='parent_proxy', value=''''
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='max_line_length', value='4096'
http[25296]: (zorp/intra_http:105/http): Config dump, attribute value; name='auth_realm', value=''Zorp HTTP auth''
http[25296]: (zorp/intra_http:105/http): calling __startup__() event;
http[25296]: (zorp/intra_http:105/http): calling startUp() event;
http[25296]: (zorp/intra_http:105/http): fetching request and headers;
http[25296]: (zorp/intra_http:105/http/client): Reading channel; fd='15', count='352'
http[25296]: (zorp/intra_http:105/http/client): data line: 47 45 54 20 2F 20 48 54 54 50 2F 31 2E 31 0D 0A GET / HTTP/1.1..
http[25296]: (zorp/intra_http:105/http/client): data line: 41 63 63 65 70 74 3A 20 69 6D 61 67 65 2F 67 69 Accept: image/gi
http[25296]: (zorp/intra_http:105/http/client): data line: 66 2C 20 69 6D 61 67 65 2F 78 2D 78 62 69 74 6D f, image/x-xbitm
http[25296]: (zorp/intra_http:105/http/client): data line: 61 70 2C 20 69 6D 61 67 65 2F 6A 70 65 67 2C 20 ap, image/jpeg,
http[25296]: (zorp/intra_http:105/http/client): data line: 69 6D 61 67 65 2F 70 6A 70 65 67 2C 20 61 70 70 image/pjpeg, app
http[25296]: (zorp/intra_http:105/http/client): data line: 6C 69 63 61 74 69 6F 6E 2F 78 2D 73 68 6F 63 6B lication/x-shock
http[25296]: (zorp/intra_http:105/http/client): data line: 77 61 76 65 2D 66 6C 61 73 68 2C 20 61 70 70 6C wave-flash, appl
http[25296]: (zorp/intra_http:105/http/client): data line: 69 63 61 74 69 6F 6E 2F 76 6E 64 2E 6D 73 2D 70 ication/vnd.ms-p
http[25296]: (zorp/intra_http:105/http/client): data line: 6F 77 65 72 70 6F 69 6E 74 2C 20 61 70 70 6C 69 owerpoint, appli
http[25296]: (zorp/intra_http:105/http/client): data line: 63 61 74 69 6F 6E 2F 76 6E 64 2E 6D 73 2D 65 78 cation/vnd.ms-ex
http[25296]: (zorp/intra_http:105/http/client): data line: 63 65 6C 2C 20 61 70 70 6C 69 63 61 74 69 6F 6E cel, application
http[25296]: (zorp/intra_http:105/http/client): data line: 2F 6D 73 77 6F 72 64 2C 20 2A 2F 2A 0D 0A 41 63 /msword, */*..Ac
http[25296]: (zorp/intra_http:105/http/client): data line: 63 65 70 74 2D 4C 61 6E 67 75 61 67 65 3A 20 68 cept-Language: h
http[25296]: (zorp/intra_http:105/http/client): data line: 75 0D 0A 41 63 63 65 70 74 2D 45 6E 63 6F 64 69 u..Accept-Encodi
http[25296]: (zorp/intra_http:105/http/client): data line: 6E 67 3A 20 67 7A 69 70 2C 20 64 65 66 6C 61 74 ng: gzip, deflat
http[25296]: (zorp/intra_http:105/http/client): data line: 65 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D e..User-Agent: M
http[25296]: (zorp/intra_http:105/http/client): data line: 6F 7A 69 6C 6C 61 2F 34 2E 30 20 28 63 6F 6D 70 ozilla/4.0 (comp
http[25296]: (zorp/intra_http:105/http/client): data line: 61 74 69 62 6C 65 3B 20 4D 53 49 45 20 36 2E 30 atible; MSIE 6.0
http[25296]: (zorp/intra_http:105/http/client): data line: 3B 20 57 69 6E 64 6F 77 73 20 4E 54 20 35 2E 30 ; Windows NT 5.0
http[25296]: (zorp/intra_http:105/http/client): data line: 29 0D 0A 48 6F 73 74 3A 20 77 77 77 2E 62 62 72 )..Host: www.bbr
http[25296]: (zorp/intra_http:105/http/client): data line: 74 2E 68 75 0D 0A 43 6F 6E 6E 65 63 74 69 6F 6E t.hu..Connection
http[25296]: (zorp/intra_http:105/http/client): data line: 3A 20 4B 65 65 70 2D 41 6C 69 76 65 0D 0A 0D 0A : Keep-Alive....
http[25296]: (zorp/intra_http:105/http): Request details; command='GET', url='/', version='HTTP/1.1'
http[25296]: (zorp/intra_http:105/http): request prefilter header; hdr='Accept', value='image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */*'
http[25296]: (zorp/intra_http:105/http): request prefilter header; hdr='Accept-Language', value='hu'
http[25296]: (zorp/intra_http:105/http): request prefilter header; hdr='Accept-Encoding', value='gzip, deflate'
http[25296]: (zorp/intra_http:105/http): request prefilter header; hdr='User-Agent', value='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)'
http[25296]: (zorp/intra_http:105/http): request prefilter header; hdr='Host', value='www.bbrt.hu'
http[25296]: (zorp/intra_http:105/http): request prefilter header; hdr='Connection', value='Keep-Alive'
http[25296]: (zorp/intra_http:105/http): processing request and headers;
http[25296]: (zorp/intra_http:105/http): filtering request and headers;
http[25296]: (zorp/intra_http:105/http): FROM: AF_INET(192.168.0.5:2133) TO: AF_INET(192.168.0.1:50080) GET: http://www.bbrt.hu/
http[25296]: (zorp/intra_http:105/http): sending request and headers, copying request data;
http[25296]: (zorp/intra_http:105/http): request postfilter header; hdr='Accept', value='image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */*'
http[25296]: (zorp/intra_http:105/http): request postfilter header; hdr='Accept-Language', value='hu'
http[25296]: (zorp/intra_http:105/http): request postfilter header; hdr='Accept-Encoding', value='gzip, deflate'
http[25296]: (zorp/intra_http:105/http): request postfilter header; hdr='User-Agent', value='Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90)'
http[25296]: (zorp/intra_http:105/http): request postfilter header; hdr='Host', value='www.bbrt.hu'
http[25296]: (zorp/intra_http:105/http): request postfilter header; hdr='Connection', value='keep-alive'
http[25296]: (zorp/intra_http:105): Inbound service not permitted (cached); service='intra_http', zone='Zone(Intranet, 192.168.0.0/24)'
http[25296]: (zorp/intra_http:105/http): DAC policy violation;
http[25296]: (zorp/intra_http:105/http): exiting keep-alive loop;
http[25296]: (zorp/intra_http:105/http/client): Writing channel; fd='15', count='32'
http[25296]: (zorp/intra_http:105/http/client): data line: 48 54 54 50 2F 31 2E 30 20 35 30 32 20 45 72 72 HTTP/1.0 502 Err
http[25296]: (zorp/intra_http:105/http/client): data line: 6F 72 20 65 6E 63 6F 75 6E 74 65 72 65 64 0D 0A or encountered..
http[25296]: (zorp/intra_http:105/http/client): Writing channel; fd='15', count='46'
http[25296]: (zorp/intra_http:105/http/client): data line: 43 6F 6E 6E 65 63 74 69 6F 6E 3A 20 63 6C 6F 73 Connection: clos
http[25296]: (zorp/intra_http:105/http/client): data line: 65 0D 0A 43 6F 6E 74 65 6E 74 2D 54 79 70 65 3A e..Content-Type:
http[25296]: (zorp/intra_http:105/http/client): data line: 20 74 65 78 74 2F 68 74 6D 6C 0D 0A 0D 0A text/html....
http[25296]: (zorp/intra_http:105/http): An error occurred, serving error file; filename='/usr/share/zorp/http/connecterror.html'
http[25296]: (zorp/intra_http:105/http/client): Writing channel; fd='15', count='766'
http[25296]: (zorp/intra_http:105/http/client): data line: 3C 68 74 6D 6C 3E 0A 3C 68 65 61 64 3E 0A 3C 74 <html>.<head>.<t
http[25296]: (zorp/intra_http:105/http/client): data line: 69 74 6C 65 3E 43 6F 6E 6E 65 63 74 69 6F 6E 20 itle>Connection
http[25296]: (zorp/intra_http:105/http/client): data line: 65 72 72 6F 72 3C 2F 74 69 74 6C 65 3E 0A 3C 2F error</title>.</
http[25296]: (zorp/intra_http:105/http/client): data line: 68 65 61 64 3E 0A 3C 62 6F 64 79 3E 0A 3C 70 3E head>.<body>.<p>
http[25296]: (zorp/intra_http:105/http/client): data line: 54 68 65 72 65 20 77 61 73 20 61 20 70 72 6F 62 There was a prob
http[25296]: (zorp/intra_http:105/http/client): data line: 6C 65 6D 20 63 6F 6E 6E 65 63 74 69 6E 67 20 74 lem connecting t
http[25296]: (zorp/intra_http:105/http/client): data line: 6F 20 74 68 65 20 68 6F 73 74 20 79 6F 75 20 73 o the host you s
http[25296]: (zorp/intra_http:105/http/client): data line: 70 65 63 69 66 69 65 64 2E 3C 2F 70 3E 0A 0A 3C pecified.</p>..<
http[25296]: (zorp/intra_http:105/http/client): data line: 70 3E 50 6F 73 73 69 62 6C 65 20 72 65 61 73 6F p>Possible reaso
http[25296]: (zorp/intra_http:105/http/client): data line: 6E 73 3A 3C 2F 70 3E 0A 3C 75 6C 3E 0A 20 20 3C ns:</p>.<ul>. <
http[25296]: (zorp/intra_http:105/http/client): data line: 6C 69 3E 54 68 65 20 74 61 72 67 65 74 20 73 79 li>The target sy
http[25296]: (zorp/intra_http:105/http/client): data line: 73 74 65 6D 20 77 61 73 20 64 6F 77 6E 20 61 6E stem was down an
http[25296]: (zorp/intra_http:105/http/client): data line: 64 20 69 73 20 6E 6F 74 20 73 65 72 76 69 63 69 d is not servici
http[25296]: (zorp/intra_http:105/http/client): data line: 6E 67 20 72 65 71 75 65 73 74 73 0A 20 20 3C 6C ng requests. <l
http[25296]: (zorp/intra_http:105/http/client): data line: 69 3E 54 68 65 20 6E 65 74 77 6F 72 6B 20 74 68 i>The network th
http[25296]: (zorp/intra_http:105/http/client): data line: 65 20 74 61 72 67 65 74 20 73 79 73 74 65 6D 20 e target system
http[25296]: (zorp/intra_http:105/http/client): data line: 72 65 73 69 64 65 73 20 6F 6E 20 69 73 20 75 6E resides on is un
http[25296]: (zorp/intra_http:105/http/client): data line: 72 65 61 63 68 61 62 6C 65 0A 20 20 3C 6C 69 3E reachable. <li>
http[25296]: (zorp/intra_http:105/http/client): data line: 54 68 65 20 66 69 72 65 77 61 6C 6C 20 70 6F 6C The firewall pol
http[25296]: (zorp/intra_http:105/http/client): data line: 69 63 79 20 64 65 6E 69 65 64 20 79 6F 75 72 20 icy denied your
http[25296]: (zorp/intra_http:105/http/client): data line: 63 6F 6E 6E 65 63 74 69 6F 6E 20 72 65 71 75 65 connection reque
http[25296]: (zorp/intra_http:105/http/client): data line: 73 74 0A 3C 2F 75 6C 3E 0A 0A 3C 70 3E 50 6F 73 st.</ul>..<p>Pos
http[25296]: (zorp/intra_http:105/http/client): data line: 73 69 62 6C 65 20 73 6F 6C 75 74 69 6F 6E 73 3A sible solutions:
http[25296]: (zorp/intra_http:105/http/client): data line: 3C 2F 70 3E 0A 3C 75 6C 3E 0A 20 20 3C 6C 69 3E </p>.<ul>. <li>
http[25296]: (zorp/intra_http:105/http/client): data line: 43 68 65 63 6B 20 74 68 61 74 20 79 6F 75 20 74 Check that you t
http[25296]: (zorp/intra_http:105/http/client): data line: 79 70 65 64 20 74 68 65 20 55 52 4C 20 63 6F 72 yped the URL cor
http[25296]: (zorp/intra_http:105/http/client): data line: 72 65 63 74 6C 79 0A 20 20 3C 6C 69 3E 43 68 65 rectly. <li>Che
http[25296]: (zorp/intra_http:105/http/client): data line: 63 6B 20 74 68 61 74 20 79 6F 75 20 73 68 6F 75 ck that you shou
http[25296]: (zorp/intra_http:105/http/client): data line: 6C 64 20 68 61 76 65 20 61 63 63 65 73 73 20 74 ld have access t
http[25296]: (zorp/intra_http:105/http/client): data line: 6F 20 74 68 65 20 55 52 4C 20 79 6F 75 20 73 70 o the URL you sp
http[25296]: (zorp/intra_http:105/http/client): data line: 65 63 69 66 69 65 64 0A 20 20 3C 6C 69 3E 43 6F ecified. <li>Co
http[25296]: (zorp/intra_http:105/http/client): data line: 6E 74 61 63 74 20 79 6F 75 72 20 73 79 73 74 65 ntact your syste
http[25296]: (zorp/intra_http:105/http/client): data line: 6D 20 61 64 6D 69 6E 69 73 74 72 61 74 6F 72 20 m administrator
http[25296]: (zorp/intra_http:105/http/client): data line: 66 6F 72 20 61 73 73 69 73 74 61 6E 63 65 0A 20 for assistance.
http[25296]: (zorp/intra_http:105/http/client): data line: 20 3C 6C 69 3E 43 6F 6E 74 61 63 74 20 79 6F 75 <li>Contact you
http[25296]: (zorp/intra_http:105/http/client): data line: 72 20 5A 6F 72 70 20 73 75 70 70 6F 72 74 20 66 r Zorp support f
http[25296]: (zorp/intra_http:105/http/client): data line: 6F 72 20 61 73 73 69 73 74 61 6E 63 65 0A 3C 2F or assistance.</
http[25296]: (zorp/intra_http:105/http/client): data line: 75 6C 3E 0A 0A 3C 70 3E 41 64 64 69 74 69 6F 6E ul>..<p>Addition
http[25296]: (zorp/intra_http:105/http/client): data line: 61 6C 20 69 6E 66 6F 72 6D 61 74 69 6F 6E 3A 3C al information:<
http[25296]: (zorp/intra_http:105/http/client): data line: 2F 70 3E 0A 45 72 72 6F 72 20 65 73 74 61 62 6C /p>.Error establ
http[25296]: (zorp/intra_http:105/http/client): data line: 69 73 68 69 6E 67 20 63 6F 6E 6E 65 63 74 69 6F ishing connectio
http[25296]: (zorp/intra_http:105/http/client): data line: 6E 20 74 6F 20 77 77 77 2E 62 62 72 74 2E 68 75 n to www.bbrt.hu
http[25296]: (zorp/intra_http:105/http/client): data line: 0A 3C 68 72 3E 0A 50 61 67 65 20 67 65 6E 65 72 .<hr>.Page gener
http[25296]: (zorp/intra_http:105/http/client): data line: 61 74 65 64 20 62 79 20 5A 6F 72 70 2C 20 76 65 ated by Zorp, ve
http[25296]: (zorp/intra_http:105/http/client): data line: 72 73 69 6F 6E 20 32 2E 30 2E 39 20 6F 6E 20 54 rsion 2.0.9 on T
http[25296]: (zorp/intra_http:105/http/client): data line: 75 65 20 4E 6F 76 20 33 30 20 31 30 3A 30 38 3A ue Nov 30 10:08:
http[25296]: (zorp/intra_http:105/http/client): data line: 30 31 20 43 45 54 20 32 30 30 34 2E 0A 0A 3C 2F 01 CET 2004...</
http[25296]: (zorp/intra_http:105/http/client): data line: 62 6F 64 79 3E 0A 3C 2F 68 74 6D 6C 3E 0A body>.</html>.
http[25296]: (zorp/intra_http:105/http): calling __shutdown__() event;
http[25296]: (zorp/intra_http:105/http): calling shutDown() event;
http[25296]: (zorp/intra_http:105/http): calling __destroy__() event;
http[25296]: (zorp/intra_http:105/http): Proxy destroy; class='IntraHttp', module='http'
http[25296]: (zorp/intra_http:105/http/client): Shutdown channel; fd='15', mode='2'
http[25296]: (zorp/intra_http:105/http/client): Shutdown failed; attempt='1', error='Transport endpoint is not connected'
http[25296]: (zorp/intra_http:105/http/client): Closing channel; fd='15'
http[25296]: (zorp/intra_http:105/http): Proxy ending; class='IntraHttp', module='http'
http[25296]: (zorp/intra_http:105): Ending proxy instance;
http[25296]: (zorp/intra_http:105/http/client): accounting info; type='stream', duration='1', sent='844', received='352'
http[25296]: (zorp/intra_http:105/http): thread exiting;
--
krad