42 seconds inactivity threshold is WAY too low for any normal TCP/IP
networking.
But it is very odd that you are seeing traffi beween ports 80 and
3128.. one of the two sides should be "random", so maybe someone is trying to
hack your Squid by using port 80 as source address hoping to bypass some
firewall rules...
Regards
Henrik Nordström
Squid Hacker
On Thursday 15 November 2001 11.51, Jens Ueberschaer wrote:
> "Jun 07 18:07:27.321 ic-firewall kernel[0]: 301 Internal warning: TCP
> session
> [state: 3, inact ive for 42 secon ds] between IP-A dress/3128 and
> IP-Adress/80
> timed out due to inactivity"
>
> So that seems like a tcp keepalive problem. Squid opens the connection and
> never use it again and the firewall drops the connection. Maybe squid does
> not send the fin-Bit.
> How can I configure squid to solve that problem? I read the manual, the
> config-manual and searched the mailing list archive. But found nothing.
Received on Thu Nov 15 2001 - 08:15:11 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:14 MST