Riesil som ten isty problem, po dlhych perepatich a nevysvetlitelnych chybach som sa dozvedel, ze bankovy software na servere v banke ma nastavene prisne timeouty. Ak klient komunikoval na linke sam, tak vsetko bolo ok, ak linka/proxyserver bol zatazeny v case rovnomerne (napr. vela ftp prenosov) tak vsetko bolo vsetko tiez ok, ale ak zataz bola dynamicka a vyrazne sa menila doba odozvy, tak to bankova strana zhodila.
V prvej faze sa zaviedlo pridelovenie pasma cez dummynet a poprosila banka o spolupracu. V druhej faze sa navysila rychlost linky a bezi to bez problemov doteraz. S pozdravom Jozef Drahovsky Petr Macek wrote / napĂsal(a): > Zdravim, > omlouvam se za OT a rovnou priznavam, ze squid proste nemam rad a spatne > konfiguruji :-) Zakaznik pozadoval proxy s autorizaci, to jede, ale mam > problem s jednou bankou. Po restartu squidu se to prvnimu uzivateli pry > obcas povede, potom uz ne. Porad to jen zobrazuje autorizacni dialog. V > logu je tohle: > > 1195632938.606 62 10.10.110.59 TCP_DENIED/407 1851 GET > http://www.volksbank.cz/vb/jnp/cz/home/index.html - NONE/- text/html > 1195632938.751 145 10.10.110.59 TCP_MISS/200 17043 GET > http://www.volksbank.cz/vb/jnp/cz/home/index.html test > DIRECT/195.39.69.100 text/html > 1195632938.752 1 10.10.110.59 TCP_DENIED/407 1896 GET > http://www.volksbank.cz/vb/public/75/17/80/e/25_9356_general.css - > NONE/- text/html > 1195632938.767 0 10.10.110.59 TCP_DENIED/407 1890 GET > http://www.volksbank.cz/vb/public/5c/21/1/ea/23_9389_print.css - NONE/- > text/html > 1195632938.782 29 10.10.110.59 TCP_MISS/304 224 GET > http://www.volksbank.cz/vb/public/75/17/80/e/25_9356_general.css test > DIRECT/195.39.69.100 - > > Temer defaultni konfigurace vypada takhle: > auth_param digest program /usr/local/libexec/squid/digest_pw_auth > /usr/local/etc/squid/squid_pass > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > acl to_localhost dst 127.0.0.0/8 > acl SSL_ports port 443 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl CONNECT method CONNECT > http_access allow manager localhost > http_access deny manager > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > acl password proxy_auth REQUIRED > http_access allow password > icp_access allow all > http_port 3128 > hierarchy_stoplist cgi-bin ? > acl QUERY urlpath_regex cgi-bin \? > cache deny QUERY > cache_dir ufs /usr/local/squid/cache 5000 16 256 > access_log /usr/local/squid/logs/access.log squid > refresh_pattern ^ftp: 1440 20% 10080 > refresh_pattern ^gopher: 1440 0% 1440 > refresh_pattern . 0 20% 4320 > acl apache rep_header Server ^Apache > broken_vary_encoding allow apache > coredump_dir /usr/local/squid/cache > > > Jsem vdecny za jakoukoli radu > > PM > > > -- FreeBSD mailing list (users-l@freebsd.cz) http://www.freebsd.cz/listserv/listinfo/users-l
