Hi,
on my UTM 9.505-4 i have the following lines all over the web-protection log:
httpproxy[4888]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 137 (Input/output error)"
we use the Web-Protection as parent Proxy four our internal squid-cache. the web-protection has no Cache, no blocked-sites, no authentication, no request-logging and works in non-transparent mode. its basically only for AV scanning on http and https. all the Caching, site-blocking and authentication happens on the squid Proxy.
the log-entries on the UTM are accompanied with the following log-lines in squid Proxy:
kid1| TCP connection to (Sophos-utm-ip)/8080 failed
kid1| TCP connection to (Sophos-utm-ip)/8080 failed
kid1| TCP connection to (Sophos-utm-ip)/8080 failed
kid1| TCP connection to (Sophos-utm-ip)/8080 failed
kid1| Detected DEAD Parent: (Sophos-utm-ip)
kid1| TCP connection to (Sophos-utm-ip)/8080 failed
kid1| TCP connection to (Sophos-utm-ip)/8080 failed
kid1| Detected REVIVED Parent: (Sophos-utm-ip)
everytime this happens, users experience great delays in web-Surfing. sites not responding and so on...it just happens for a few seconds before everything goes back to normal.
if we let squid handle all the Surfing without UTM as parent proxy the Problem is gone. so it's def an UTM issue.
squid config line for parent proxy:
cache_peer (Sophos-utm-ip) parent 8080 0 no-query no-digest default
never_direct allow all
any ideas?
best regards, daniel
This thread was automatically locked due to age.
