Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 10 November 2024, 10:20:09 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14251 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  HTTP Proxy - (104) Connection reset by peer
0 Members and 4 Guests are viewing this topic. « previous next »
Pages: [1] 2  All Go Down Print
Author Topic: HTTP Proxy - (104) Connection reset by peer  (Read 112282 times)
danodemano
Full Member
***
Offline Offline

Gender: Male
Posts: 47


WWW
« on: Thursday 29 October 2009, 10:48:17 am »

After just installing the final 2.3 version today, I decided to play with the HTTP transparent proxy a bit.  However, now matter what I seem to do or what site I go to, I always get this error:
Code:
ERROR


The requested URL could not be retrieved
While trying to retrieve the URL:
http://www.cnn.com/
The following error was encountered:
Read Error

The system returned:
(104) Connection reset by peer

An error condition occurred while reading data from the network. Please retry your request.

Your cache administrator is x@gmail.com.

Endian Firewall - Powered by Squid

Generated Wed, 28 Oct 2009 23:39:52 GMT by x.yyyy.com (squid/2.6.STABLE22)

Even if I disable the access policy or set the profile to "none" I still get this error.  I see this in the access.log:

Code:
Oct 28 19:39:52 gateway squid[5492]: 1256773192.773    837 192.168.9.8 TCP_MISS/502 2775 GET http://www.cnn.com/ - FIRST_UP_PARENT/content1 text/html
Oct 28 19:39:52 gateway squid[5492]: 1256773192.990     77 192.168.9.8 TCP_MISS/502 2797 GET http://www.cnn.com/favicon.ico - FIRST_UP_PARENT/content1 text/html
Oct 28 19:39:55 gateway squid[5492]: 1256773195.989     79 192.168.9.8 TCP_MISS/502 2797 GET http://www.cnn.com/favicon.ico - FIRST_UP_PARENT/content1 text/html

I'm not using any type of authentication however, if I make it non-transparent and use authentication I get the same error message after entering the correct username/password.  Any help would be appreciated.  Thanks!!!
Logged
danodemano
Full Member
***
Offline Offline

Gender: Male
Posts: 47


WWW
« Reply #1 on: Thursday 29 October 2009, 11:02:43 am »

OK....I lied.  I can get it to work if I create a new access policy (and disabled the old one) however if I try to enable the virus detection, I get this:
Code:
ERROR


The requested URL could not be retrieved
While trying to retrieve the URL: http://www.cnn.com/

The following error was encountered:

Unable to forward this request at this time.

Sorry, you are not currently allowed to request:
http://www.cnn.com/
from this cache until you have authenticated yourself.

This request could not be forwarded to the origin server or to any
parent caches. The most likely cause for this error is that:
The cache administrator does not allow this cache to make direct connections to origin servers, and
All configured parent caches are currently unreachable.

Your cache administrator is x@gmail.com.

Endian Firewall - Powered by Squid

Generated Wed, 28 Oct 2009 23:57:54 GMT by x.yyyy.com (squid/2.6.STABLE22)

I see this in the cache.log file:
Code:
2009/10/28 19:57:45| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:45| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:45| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:45| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:45| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:46| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:46| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:46| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:46| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:46| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:46| Detected DEAD Parent: havp
2009/10/28 19:57:46| TCP connection to 127.0.0.1/9998 failed
2009/10/28 19:57:51| Failed to select source for 'http://www.cnn.com/'
2009/10/28 19:57:51|   always_direct = 0
2009/10/28 19:57:51|    never_direct = 1
2009/10/28 19:57:51|        timedout = 0
2009/10/28 19:57:54| Failed to select source for 'http://www.cnn.com/'
2009/10/28 19:57:54|   always_direct = 0
2009/10/28 19:57:54|    never_direct = 1
2009/10/28 19:57:54|        timedout = 0

I must be missing something here...
Logged
tnol2
Jr. Member
*
Offline Offline

Posts: 6


« Reply #2 on: Tuesday 29 December 2009, 01:11:54 am »

I have the same error, but not function any creating a new access policy. Any idea?
Logged
Taxman
Jr. Member
*
Offline Offline

Posts: 6


« Reply #3 on: Tuesday 29 December 2009, 05:55:45 am »

I have a fresh install of 2.3 (community)

Seems like the http proxy is "broken"  Huh

I can get the "transparent" issue working by adding the "automatic detect" or "http://<firewall IP>/proxy.pac" in the browser's proxy settings. (wouldn't exactly call that "transparent")

But I am seeing what others are... basically if I enable HTTP proxy... ALL traffic on port http port 80 is rejected.  I have the

I have authentication set to "disabled" and using the "Default Profile" (with everything enabled).  Does not work.

If I try to access a https site.. it works, but nothing on port 80.

I confirmed that the "Activate antivirus scan" was un-checked on content1.

Also enabled "FIREFOX, JAVA, MSIE, WINUPD" in the Access policy.

NADA.  Basically - I have to turn HTTP Proxy off... or the firewall is un-usable to reach the outside world.  Huh
Logged
Tenaya
Jr. Member
*
Offline Offline

Posts: 3


« Reply #4 on: Tuesday 29 December 2009, 07:58:52 am »

Have the same trouble with the proxy. I tried the transparent mode in combination with the browsers' automatic proxy settings. Even that does not work on my installation. The squid log file (/var/log/squid/squid.out) ist filled up with the below mentioned entry.

Code:
FATAL: Bungled squid.conf line 93: acl allowed_ports       port "/etc/squid/acls/ports.acl"
Squid Cache (Version 2.6.STABLE22): Terminated abnormally.

For me it looks like a serious endian bug. Any further ideas?
Logged
Taxman
Jr. Member
*
Offline Offline

Posts: 6


« Reply #5 on: Tuesday 29 December 2009, 08:12:36 am »

For me it looks like a serious endian bug. Any further ideas?

Thanks for the further confirmation - was thinking it was something I had done wrong...

Didn't really know where to start as this was my first install of endian.  Hopefully someone can help shed some light on this, or even better if there IS a problem... get it fixed!

I have heard there was an update 12/15/2009 for the retail config... maybe they fixed it there, but not "community".
Logged
Tenaya
Jr. Member
*
Offline Offline

Posts: 3


« Reply #6 on: Tuesday 29 December 2009, 10:49:38 pm »

I’ve spend now a whole day to get this proxy thing working – no success. For me the community version of the 2.3 final release is too buggy. I will go back to the 2.2. Let’s wait for a 2.3.1 release.
Logged
tnol2
Jr. Member
*
Offline Offline

Posts: 6


« Reply #7 on: Wednesday 30 December 2009, 02:55:57 am »


Use tcpdump on its output interface, and check with which IP you are going to the Internet when the proxy is enabled. And then create a NAT to translate this address to a valid IP on the Internet.

In my case the command I used was (without the quotes):

"tcpdump-i eth1 dst 200.154.56.80"


Then my computer I tried to access the IP 200.154.56.80 by the browser, there desconbri my IP output. And I saw that the IP, although valid, was not configured on the router. So I created a NAT for this IP, converting it to the IP that was used for direct, before the use of Proxy.
Logged
Taxman
Jr. Member
*
Offline Offline

Posts: 6


« Reply #8 on: Wednesday 30 December 2009, 02:57:38 am »

I’ve spend now a whole day to get this proxy thing working – no success. For me the community version of the 2.3 final release is too buggy. I will go back to the 2.2. Let’s wait for a 2.3.1 release.

Yea starting to get that feeling also, not sure I want to PAY for support if they are not willing to pop into the community area from time to time to address issues with the community build (that is not updated/patched obviously).

Guess if there isn't a workaround, I will just leave the proxy OFF... and wait till 2.3.1, or downgrade to 2.2 as you are doing.

Thanks!
Logged
SandStorm
Jr. Member
*
Offline Offline

Posts: 4


« Reply #9 on: Monday 11 January 2010, 10:42:48 pm »

Anyone have an idea when 2.3.1 or whatever the next version will be is due?

Logged
Johnny Chin
Full Member
***
Offline Offline

Gender: Male
Posts: 15



« Reply #10 on: Wednesday 03 February 2010, 05:45:09 pm »

Add the cnn.com to /etc/squid/acls/nocache.acl will let only this webpage by passing the squid proxy.
Logged
freestore
Jr. Member
*
Offline Offline

Posts: 1


« Reply #11 on: Wednesday 10 February 2010, 12:30:39 pm »

I had the same problem and found that the havp was not loaded, as you can not start it I disable the option "Activate antivirus scan and the rules came into effect.

I did not discover the reason havp not be working.
Logged
cmorillotx
Jr. Member
*
Offline Offline

Posts: 1


« Reply #12 on: Tuesday 02 March 2010, 07:14:22 am »

Here's what I had to do to get the trifecta of squid proxy, havp, and content filtering (aka dansguardian) to work

1) Turn on proxy from the gui.

2) Log into the command line of you Endian FWC as root. You may need to enable ssh access for that.

3) HAVP is missing two files - blacklist and whitelist. It doesn't matter if nothing is in them. It just wants the files to be there. Either touch the files in /etc/havp ("touch /etc/havp/whitelist" and "touch /etc/havp/blacklist") OR link them to /var/efw/havp/whitelist and /var/efw/havp/blacklist.

4) make sure clamd is running. /etc/init.d/clamd start

5) make sure dansguardian is running. Dansguardian runs on port 9999 and 9998 so the "TCP Connect to parent: 9999 failed" is the proxy server telling you dansguardian is not running. "/etc/init.d/dansguardian restart"

Log files for all those services are kept in /var/log/.
Of course, these fixes require that you know a little bit of Linux command line in order to use as these fixes do not seem to be available through the gui.

Hope this helps!  Grin
Logged
nijai
Jr. Member
*
Offline Offline

Posts: 2


« Reply #13 on: Thursday 04 March 2010, 06:40:32 pm »

Thanks to cmorillotx for your tips ... it works perfectly now ... you dont know how much u have helped me thanks again
Logged
DAKnn
Jr. Member
*
Offline Offline

Posts: 6


« Reply #14 on: Monday 18 July 2011, 03:00:55 pm »

I have this solution works partially or NOT at all help  Cry
helps if you disable web proxy..

[PROBLEM NOT SOLVED]
Logged
Pages: [1] 2  All Go Up Print 
« previous next »
Jump to:  

Page created in 0.125 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com