Hi all,

I've a network with a Sonicwall firewall, the traffic is redirected to an Ubuntu 9.0.4 with Squid 2.7.STABLE3 as a transparent proxy.
Normally the proxy works fine, but for certain pages I get an "Invalid request" response, and the weird thing is that I've these problems only with Internet Explorer clients (6 or 7) and not with Firefox (3.5.3).
If I shut down the proxy the problems seem to be solved.

Here's my squid.conf file:

acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 94.x.x.0/28
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access deny all
icp_access allow localnet
icp_access deny all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
acl nocache_servers dstdomain .jeffhawkeclub.com
cache deny nocache_servers
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320
request_header_max_size 20 KB
reply_header_max_size 20 KB
acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]
upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
acl bypass_servers dstdomain sportelloweb.inpdap.it
acl bypass_servers dstdomain portale.rossoalice.alice.it
always_direct allow bypass_servers
hosts_file /etc/hosts
coredump_dir /var/spool/squid

And this is a piece of my cache.log file:

2009/09/28 09:58:53| parseHttpRequest: Unsupported method 'p.it/detrazioni/images/head_txt.gif'
2009/09/28 09:58:53| clientTryParseRequest: FD 66 (94.x.x.x:63703) Invalid Request
2009/09/28 10:00:28| parseHttpRequest: Unsupported method 'p.it/detrazioni/ritorni.aspx?id_testata=968&cf=CSRNRM38R68D136D'
2009/09/28 10:00:28| clientTryParseRequest: FD 15 (94.x.x.x:47375) Invalid Request
2009/09/28 10:00:37| parseHttpRequest: Unsupported method 'p.it/detrazioni/ritorni.aspx?id_testata=968&cf=CSRNRM38R68D136D'
2009/09/28 10:00:37| clientTryParseRequest: FD 15 (94.x.x.x:15281) Invalid Request

You see the requests seem to be truncated (the site is "www.inpadp.it", so the first 9 characters are missing)...

Any idea?

Dario

Try and dump network traffic with tcpflow please. That might give a clue.

Hi.

I have a similar problem with squid and sonicwall firewall. Did you find a solution.

My symptoms are ..
the first time I got to some sites I get

ERROR
The requested URL could not be retrieved
Invalid Request error was encountered while trying to process the request:
GET /time/ HTTP/1.1
Host: www.time.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0.1) Gecko/20100101 Firefox/5.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Connection: keep-alive
Some possible problems are:
Missing or unknown request method.
Missing URL.
Missing HTTP Identifier (HTTP/1.0).
Request is too large.
Content-Length missing for POST or PUT requests.
Illegal character in hostname; underscores are not allowed.
Your cache administrator is webmaster.
Generated Tue, 09 Aug 2011 21:15:41 GMT by nzhmlprx01 (squid/2.7.STABLE7)


Then after I refresh it's ok.

And I see a lot of

clientTryParseRequest: FD 94 (192.168.XX.XX:49840) Invalid Request
errors in the cache log.

Hi clubbing80s,

I was unable to find the solution of my problem, probably it was due to the Sonicwall firewall, so I had to uninstall squid.
A question: are you using squid as a "transparent proxy"?

Dario