Project

General

Profile

Tâche #20041

Scénario #19809: Assistance aux utilisateurs (13-15)

squid ne log pas la bonne IP source

Added by Klaas TJEBBES about 3 years ago. Updated almost 3 years ago.

Status:
Fermé
Priority:
Normal
Assigned To:
Start date:
01/27/2017
Due date:
% Done:

100%

Estimated time:
0.00 h
Spent time:
Remaining (hours):
0.0

Description

Dans les logs squid (l'IP source devrait être 10.1.2.50) :

2017-03-31T14:55:42.418150+02:00 amon.etb1.lan (squid-1): 1490964942.417   5143 127.0.0.1 TCP_TUNNEL/200 27029 CONNECT linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -

Même avec la configuration :

root@amon:/etc/squid# grep allow *
01inc-squid.conf:http_access allow password
common-squid1.conf:follow_x_forwarded_for allow localhost
common-squid1.conf:follow_x_forwarded_for allow from_localhost
common-squid2.conf:allow_underscore on

log complet

2017-03-31T14:55:36.597425+02:00 amon.etb1.lan (squid-1): 1490964936.597      0 10.1.2.50 TCP_DENIED/407 4162 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:36.603262+02:00 amon.etb1.lan (squid-1): 1490964936.603      0 127.0.0.1 TCP_DENIED/407 4463 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.220750+02:00 amon.etb1.lan (squid-1): 1490964937.220      2 10.1.2.50 TCP_DENIED/407 4162 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.221437+02:00 amon.etb1.lan (squid-1): 1490964937.221      0 10.1.2.50 TCP_DENIED/407 4162 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.221842+02:00 amon.etb1.lan (squid-1): 1490964937.221      0 10.1.2.50 TCP_DENIED/407 4178 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.222234+02:00 amon.etb1.lan (squid-1): 1490964937.222      0 10.1.2.50 TCP_DENIED/407 4178 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.222986+02:00 amon.etb1.lan (squid-1): message repeated 2 times: [ 1490964937.222      0 10.1.2.50 TCP_DENIED/407 4178 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html]
2017-03-31T14:55:37.223375+02:00 amon.etb1.lan (squid-1): 1490964937.223      0 10.1.2.50 TCP_DENIED/407 4178 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.223765+02:00 amon.etb1.lan (squid-1): 1490964937.223      0 10.1.2.50 TCP_DENIED/407 4178 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.224135+02:00 amon.etb1.lan (squid-1): 1490964937.224      0 10.1.2.50 TCP_DENIED/407 4162 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.240808+02:00 amon.etb1.lan (squid-1): 1490964937.240      0 10.1.2.50 TCP_DENIED/407 4162 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.244580+02:00 amon.etb1.lan (squid-1): 1490964937.244      0 127.0.0.1 TCP_DENIED/407 4463 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.249442+02:00 amon.etb1.lan (squid-1): 1490964937.249      0 127.0.0.1 TCP_DENIED/407 4463 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.250613+02:00 amon.etb1.lan (squid-1): 1490964937.250      0 127.0.0.1 TCP_DENIED/407 4463 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.253409+02:00 amon.etb1.lan (squid-1): 1490964937.253      0 127.0.0.1 TCP_DENIED/407 4479 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.254643+02:00 amon.etb1.lan (squid-1): 1490964937.254      0 127.0.0.1 TCP_DENIED/407 4479 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.256868+02:00 amon.etb1.lan (squid-1): 1490964937.256      0 127.0.0.1 TCP_DENIED/407 4479 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.258316+02:00 amon.etb1.lan (squid-1): 1490964937.258      1 127.0.0.1 TCP_DENIED/407 4479 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.258630+02:00 amon.etb1.lan (squid-1): 1490964937.258      1 127.0.0.1 TCP_DENIED/407 4479 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.259534+02:00 amon.etb1.lan (squid-1): 1490964937.259      1 127.0.0.1 TCP_DENIED/407 4479 CONNECT img.linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.262225+02:00 amon.etb1.lan (squid-1): 1490964937.262      0 10.1.2.50 TCP_DENIED/407 4162 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.273414+02:00 amon.etb1.lan (squid-1): 1490964937.273      1 127.0.0.1 TCP_DENIED/407 4463 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:37.327352+02:00 amon.etb1.lan (squid-1): 1490964937.327      0 127.0.0.1 TCP_DENIED/407 4463 CONNECT linuxfr.org:443 - HIER_NONE/- text/html
2017-03-31T14:55:42.417267+02:00 amon.etb1.lan (squid-1): 1490964942.415   5097 127.0.0.1 TCP_TUNNEL/200 13994 CONNECT img.linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:42.418150+02:00 amon.etb1.lan (squid-1): 1490964942.417   5143 127.0.0.1 TCP_TUNNEL/200 27029 CONNECT linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:42.421772+02:00 amon.etb1.lan (squid-1): 1490964942.421   5111 127.0.0.1 TCP_TUNNEL/200 232802 CONNECT img.linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:42.424285+02:00 amon.etb1.lan (squid-1): 1490964942.424   5145 127.0.0.1 TCP_TUNNEL/200 32075 CONNECT img.linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:42.427383+02:00 amon.etb1.lan (squid-1): 1490964942.427   5147 127.0.0.1 TCP_TUNNEL/200 31979 CONNECT img.linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:42.431631+02:00 amon.etb1.lan (squid-1): 1490964942.431   5819 127.0.0.1 TCP_TUNNEL/200 61959 CONNECT linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:42.441029+02:00 amon.etb1.lan (squid-1): 1490964942.440   5165 127.0.0.1 TCP_TUNNEL/200 8170 CONNECT linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:42.441454+02:00 amon.etb1.lan (squid-1): 1490964942.440   5121 127.0.0.1 TCP_TUNNEL/200 279348 CONNECT img.linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:42.450446+02:00 amon.etb1.lan (squid-1): 1490964942.450   5119 127.0.0.1 TCP_TUNNEL/200 4080 CONNECT linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:42.457606+02:00 amon.etb1.lan (squid-1): 1490964942.457   5137 127.0.0.1 TCP_TUNNEL/200 184968 CONNECT img.linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:42.466877+02:00 amon.etb1.lan (squid-1): 1490964942.466   5065 127.0.0.1 TCP_TUNNEL/200 4942 CONNECT linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -
2017-03-31T14:55:43.122929+02:00 amon.etb1.lan (squid-1): 1490964943.122   5848 127.0.0.1 TCP_TUNNEL/200 52394 CONNECT linuxfr.org:443 admin HIER_DIRECT/88.191.250.176 -

Capture d’écran_2017-04-06_15-57-14.png View (419 KB) Klaas TJEBBES, 04/06/2017 03:58 PM


Related issues

Related to Distribution EOLE - Tâche #20030: E2Guardian authplugins User/IP : aide au débuggage Fermé 01/27/2017
Related to Distribution EOLE - Tâche #20428: tests E2G pour le bug "squid log 127.0.0.1 au lieu de l'IP du poste client" Fermé 12/09/2016

History

#1 Updated by Klaas TJEBBES about 3 years ago

  • Description updated (diff)

#2 Updated by Klaas TJEBBES about 3 years ago

  • Status changed from Nouveau to Ne sera pas résolu

#3 Updated by Klaas TJEBBES about 3 years ago

  • Estimated time set to 0.00 h
  • Remaining (hours) set to 0.0

#4 Updated by Klaas TJEBBES almost 3 years ago

Wireshark affiche bien la bonne IP source :

    X-Forwarded-For: 10.1.2.50\r\n

#5 Updated by Klaas TJEBBES almost 3 years ago

  • Assigned To set to Klaas TJEBBES

#6 Updated by Klaas TJEBBES almost 3 years ago

Si j'associe l'Ip de mon poste avec un filtre :
10.1.2.51=filter5
alors j'ai des "127.0.0.1" (accompagnés de nombreux "10.1.2.51" aussi) dans squid.log.

Si je supprime l'association <ip>=filterX, alors j'ai bien la bonne IP source dans squid.log.

#7 Updated by Klaas TJEBBES almost 3 years ago

  • Related to Tâche #20030: E2Guardian authplugins User/IP : aide au débuggage added

#8 Updated by Daniel Dehennin almost 3 years ago

  • Status changed from En cours to Fermé
  • % Done changed from 0 to 100

Suivre les demandes sur la page wiki de suivi.

#10 Updated by Klaas TJEBBES almost 3 years ago

  • Related to Tâche #20428: tests E2G pour le bug "squid log 127.0.0.1 au lieu de l'IP du poste client" added

Also available in: Atom PDF