RE: [squid-users] Squid and www.runescape.com

I'm running version Squid-2.5.STABLE6.

However I just tried the same thing on an identical server, identical in
everyway, same hardware, same O/S, same versions of Squid etc, exactly the
same. Even down to the options squid was compiled with, verified with "squid
-v".

The only difference between the 2 is they are hosted at different locations.
And the fact that the site works fine on the second server.

The logs differ slightly on each server.
They are more or less identical up to the point the site fails.

The server the site fails on shows:

##########
1145615642.904 43 192.168.1.33 TCP_MISS/502 1947 GET
http://www.runescape.com/serverlist.ws? - DIRECT/82.133.85.216 text/html
##########

The stops there.

However the server the site works on shows the same line but shows
TCP_MISS/200:

##########
1145615597.912 1004 192.168.1.33 TCP_MISS/200 38016 GET
http://www.runescape.com/serverlist.ws? - DIRECT/216.180.254.134 text/html
##########

The cache.log shows more or less the same also.

The server the site doesn't work on:

##############
2006/04/21 11:40:19| ctx: enter level 0:
'http://www.runescape.com/serverlist.ws?plugin=0&lores.x=179&lores.y=40'
##############

The server the site does work on:

##############
2006/04/21 11:36:33| ctx: enter level 0:
'http://www.runescape.com/serverlist.ws?plugin=0&lores.x=160&lores.y=40'
##############

I'm lost as to way it works on one and not the other.
What does the TCP_MISS/500 entry mean?
Is there any other debugging I can do, I did a tcpdump on both servers but
can't see anything that looked out of place.

Thanks
Tony

-----Original Message-----
From: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Sent: 21 April 2006 07:18
To: Tony
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Squid and www.runescape.com

tor 2006-04-20 klockan 15:25 +0100 skrev Tony:
> If the web server was broken would it also not fail when trying to access
> the game without going through Squid?

It doesn't fail via Squid-2.5.STABLE13 here.

The brokenness isn't noticed by most browsers as they are quite careless
in parsing the HTTP protocol. Unfortunately due to recent attacks Squid
cannot affort that luxury and is quite strict about the HTTP protocol
structure. But this specific error only gets logged in cache.log unless
you have told Squid to be really strict via the relaxed_http_parser
directive..

> It only fails when I try to go via the Squid server.

Which Squid version?

> Is there a different way of writing cookies for sending via a proxy and
> sending them directly to a web browser?

If the server formats the cookie header correctly there will not be a
problem.

The problem is that their cookie header has a newline after the date,
followed by yet another cookie argument. This breaks the HTTP protocol
as headers are terminated by newline so that extra argument gets read as
another header line, but it isn't a valid header..

Regards
Henrik

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.