Join Log in
Score:0
chingis avatar Server

Squid in docker returns 502 but works when run on host

au flag
chingis

I'm using the same config for squid 5.6 that runs on a host machine and in docker. When I run it on the host (Ubuntu 22.10) it works just fine but when I run it from ubuntu/squid image I get 502 bad gateway error.

Squid config:

acl localnet src 0.0.0.1-0.255.255.255  # RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8             # RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10          # RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16         # RFC 3927 link-local (directly plugged) machines
acl localnet src 172.16.0.0/12          # RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16         # RFC 1918 local private network (LAN)
acl localnet src fc00::/7               # RFC 4193 local private network range
acl localnet src fe80::/10              # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
#http_access deny !Safe_ports
#http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
include /etc/squid/conf.d/*.conf
http_access allow localhost
#http_access deny all
http_access allow all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern .               0       20%     4320
http_upgrade_request_protocols OTHER allow all

debug_options ALL,1 11,3 31,3 65,3

This is how I run it via docker:

docker run -v /etc/squid/squid.conf:/etc/squid/squid.conf -p 3128:3128 ubuntu/squid

Logs when running squid on the host machine (works fine):

2022/11/23 13:13:56.878 kid1| 11,2| client_side.cc(1357) parseHttpRequest: HTTP Client conn7 local=x.x.x.x:3128 remote=y.y.y.y:56636 FD 11 flags=1
2022/11/23 13:13:56.891 kid1| 11,2| client_side.cc(1358) parseHttpRequest: HTTP Client REQUEST:
---------
GET https://example.com/socket.io/?EIO=3&transport=polling&t=OIadwKA&b64=1 HTTP/1.1
user-agent: node-XMLHttpRequest
accept: */*
Host: example.com:443
connection: close


----------
2022/11/23 13:13:57.233 kid1| 11,3| http.cc(2498) httpStart: GET https://example.com/socket.io/?EIO=3&transport=polling&t=OIadwKA&b64=1
2022/11/23 13:13:57.234 kid1| 11,2| http.cc(2454) sendRequest: HTTP Server conn10 local=x.x.x.x:47078 remote=z.z.z.z:443 HIER_DIRECT FD 13 flags=1
2022/11/23 13:13:57.234 kid1| 11,2| http.cc(2455) sendRequest: HTTP Server REQUEST:
---------
GET /socket.io/?EIO=3&transport=polling&t=OIadwKA&b64=1 HTTP/1.1
User-Agent: node-XMLHttpRequest
Accept: */*
Host: example.com
Via: 1.1 squid-new (squid/5.6)
X-Forwarded-For: y.y.y.y
Cache-Control: max-age=0
Connection: keep-alive


----------
2022/11/23 13:13:57.390 kid1| ctx: enter level  0: 'https://example.com/socket.io/?EIO=3&transport=polling&t=OIadwKA&b64=1'
2022/11/23 13:13:57.390 kid1| 11,3| http.cc(666) processReplyHeader: processReplyHeader: key '0100000000000000FFB9000001000000'
2022/11/23 13:13:57.390 kid1| 11,2| http.cc(720) processReplyHeader: HTTP Server conn10 local=x.x.x.x:47078 remote=z.z.z.z:443 HIER_DIRECT FD 13 flags=1
2022/11/23 13:13:57.391 kid1| 11,2| http.cc(721) processReplyHeader: HTTP Server RESPONSE:
---------
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 13:13:57 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 100
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: io=TXpnzoBUkck9fUgiAAGO; Path=/; HttpOnly
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Strict-Transport-Security: max-age=63072000

Logs when I run it in docker (502 gateway):

1669209346.964    475 y.y.y.y TCP_MISS/502 4012 GET https://example.com/socket.io/? - HIER_DIRECT/z.z.z.z text/html
2022/11/23 13:15:46.488| 11,2| client_side.cc(1357) parseHttpRequest: HTTP Client conn6 local=172.17.0.2:31288 remote=y.y.y.y:56834 FD 10 flags=1
2022/11/23 13:15:46.488| 11,2| client_side.cc(1358) parseHttpRequest: HTTP Client REQUEST:
---------
GET https://example.com/socket.io/?EIO=3&transport=polling&t=OIaeL57&b64=1 HTTP/1.1
user-agent: node-XMLHttpRequest
accept: */*
Host: example.com:443
connection: close


----------
2022/11/23 13:15:46.809| 11,3| http.cc(2498) httpStart: GET https://example.com/socket.io/?EIO=3&transport=polling&t=OIaeL57&b64=1
2022/11/23 13:15:46.810| 11,2| http.cc(2454) sendRequest: HTTP Server conn9 local=172.17.0.2:45890 remote=z.z.z.z:443 HIER_DIRECT FD 12 flags=1
2022/11/23 13:15:46.810| 11,2| http.cc(2455) sendRequest: HTTP Server REQUEST:
---------
GET /socket.io/?EIO=3&transport=polling&t=OIaeL57&b64=1 HTTP/1.1
User-Agent: node-XMLHttpRequest
Accept: */*
Host: example.com
Via: 1.1 d6850669e571 (squid/5.6)
X-Forwarded-For: y.y.y.y
Cache-Control: max-age=0
Connection: keep-alive


----------
2022/11/23 13:15:46.963| 11,2| http.cc(1291) readReply: conn9 local=172.17.0.2:45890 remote=z.z.z.z:443 HIER_DIRECT FD 12 flags=1: read failure: (0) No error.
2022/11/23 13:15:46.963| 11,2| Stream.cc(279) sendStartOfMessage: HTTP Client conn6 local=172.17.0.2:31288 remote=y.y.y.y:56834 FD 10 flags=1
2022/11/23 13:15:46.963| 11,2| Stream.cc(280) sendStartOfMessage: HTTP Client REPLY:
---------
HTTP/1.1 502 Bad Gateway
Server: squid/5.6
Mime-Version: 1.0
Date: Wed, 23 Nov 2022 13:15:46 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3637
X-Squid-Error: ERR_READ_ERROR 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from d6850669e571
X-Cache-Lookup: MISS from d6850669e571:31288
Via: 1.1 d6850669e571 (squid/5.6)
Connection: close
190
1 + 0
Score:0
chingis avatar Server
au flag
chingis

It seems to be the problem with ubuntu/squid image not docker in general. The image is currently marked as beta or edge, not stable. I built a alpine-based squid image and it has resolved my issue.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.