Thread Info
  • State Not Answered
  • Replies 9 replies
  • Subscribers 0 subscribers
  • Views 1655 views
  • Users 0 members are here
Options
Suggested

[8.160][NOTABUG][CLOSED] HTTP (2nd colon found in domain with no username)

wingman
Hi All

When logged in via pptp conection  I am getting "broken pipe errors" 

2011:03:05-11:32:33 *******  httpproxy[8535]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xeb5edbb8" function="send_response_body_sendfile" file="response.c" line="559" message="sendfile: fd 5: Broken pipe"

2011:03:05-11:32:44 *******  httpproxy[8535]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1097" message="2nd colon found in domain with no username"

2011:03:05-11:32:37 *******  httpproxy[8535]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xeb5cd5d8" function="send_response_body_sendfile" file="response.c" line="559" message="sendfile: fd 21: Broken pipe"


Thanks
  • 0 
    Astaro Beta Report
    --------------------------------
    Version: 8.160
    Type: NOTABUG
    State: CLOSED
    Reporter: wingman
    Contributor: 
    MantisID: 
    Target version: 
    Fixed in version: 
    --------------------------------

  • 0
    Well, you need to prove a little more information about the circumstances when and how this happens before we can make any use of this. At least we need to know which website you are trying to access.
  • 0
    Oh, and btw., the subject you've chosen is rather misleading when all you get are http log entries...
  • 0
    ok you are right! Let me fix the title and provide HTTP logs from that day 

    2011:03:05-11:03:48  httpproxy[8535]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.1" dstip="209.20.83.205" user="" statuscode="200" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="0" request="0xd4a50b90" url="linkedin2.client.xobni.com/.../Freeware"

    2011:03:05-11:03:58 httpproxy[8535]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.1" dstip="209.20.83.205" user="" statuscode="200" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="0" request="0xd4a50380" url="linkedin2.client.xobni.com/.../Freeware"

    2011:03:05-11:04:54 httpproxy[8535]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1097" message="2nd colon found in domain with no username"

    2011:03:05-11:05:26 httpproxy[8535]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.2" dstip="95.101.82.88" user="" statuscode="200" cached="4" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="8675" request="0xd4a50b90" url="www.ets.org/.../gif"

    2011:03:05-11:05:28  httpproxy[8535]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1097" message="2nd colon found in domain with no username"

    2011:03:05-11:10:51  httpproxy[8535]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.1" dstip="137.254.16.64" user="" statuscode="302" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="0" request="0xeb5c41f8" url="javadl.sun.com/.../AutoDL

    2011:03:05-11:10:52  httpproxy[8535]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1097" message="2nd colon found in domain with no username"

    2011:03:05-11:11:22  httpproxy[8535]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.1" dstip="74.125.79.132" user="" statuscode="200" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="17685" request="0xeb5edbb8" url="skins.gmodules.com/.../skin_xml_to_css

    2011:03:05-11:11:22  httpproxy[8535]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1097" message="2nd colon found in domain with no username"


    What other logs do you require?
  • 0
    Thanks for providing the logs.

    SvenS has also taken a quick look at it and we're sure that you can safely ignore these "2nd colon found in domain with no username" messages. As long as they are  purely informational (ie.  severity="info"), and as long as the statuscode is in the "good range", we don't see a problem here.
  • 0
    fair enough. I will monitor the logs in case I get a strange status code or the severity is different [:)]
  • 0
    I have attached the latest entries from Today. However, they are all info and no user impact 

    2011:03:22-18:19:41 *******  httpproxy[13585]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.1" dstip="209.20.83.205" user="" statuscode="200" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="0" request="0xe69a34a0" url="linkedin2.client.xobni.com/.../Freeware"

    2011:03:22-18:19:41 *******  httpproxy[13585]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1100" message="2nd colon found in domain with no username"

    2011:03:22-18:19:41 *******  httpproxy[13585]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1100" message="2nd colon found in domain with no username"

    2011:03:22-18:19:41 *******  httpproxy[13585]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.1" dstip="209.20.83.205" user="" statuscode="200" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="0" request="0xe6d34fc0" url="linkedin2.client.xobni.com/.../people

    2011:03:22-18:19:45 *******  httpproxy[13585]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.1" dstip="209.20.83.205" user="" statuscode="200" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="0" request="0xe6d34fc0" url="linkedin2.client.xobni.com/.../Freeware"

    2011:03:22-18:19:45 *******  httpproxy[13585]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1100" message="2nd colon found in domain with no username"

    2011:03:22-18:19:45 *******  httpproxy[13585]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1100" message="2nd colon found in domain with no username"

    2011:03:22-18:19:46 *******  httpproxy[13585]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.1" dstip="66.220.146.15" user="" statuscode="200" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="418" request="0xe95b6aa8" url="api.facebook.com/.../xml"

    2011:03:22-18:19:46 *******  httpproxy[13585]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1100" message="2nd colon found in domain with no username"

    2011:03:22-18:19:46 *******  httpproxy[13585]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1100" message="2nd colon found in domain with no username"

    2011:03:22-18:19:46 *******  httpproxy[13585]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.1" dstip="209.20.83.205" user="" statuscode="200" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="0" request="0xe5b7ef60" url="linkedin2.client.xobni.com/.../Freeware"

    2011:03:22-18:19:46 *******  httpproxy[13585]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1100" message="2nd colon found in domain with no username"

    2011:03:22-18:19:46 *******  httpproxy[13585]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1100" message="2nd colon found in domain with no username"

    2011:03:22-18:20:14 *******  httpproxy[13585]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.1" dstip="209.20.83.205" user="" statuscode="200" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="0" request="0xe5b7ef60" url="linkedin2.client.xobni.com/.../Freeware"

    2011:03:22-18:20:14 *******  httpproxy[13585]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1100" message="2nd colon found in domain with no username"

    2011:03:22-18:20:14 *******  httpproxy[13585]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_log" file="scr_scanner.c" line="1100" message="2nd colon found in domain with no username"

    2011:03:22-18:20:14 *******  httpproxy[13585]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.1" dstip="209.20.94.136" user="" statuscode="200" cached="0" profile="REF_CnNPwVRtng (Internal Users)" filteraction="REF_DefaultHTTPCFFBlockAction (Internal Users)" size="32" request="0xe5b7ef60" url="facebook.client.xobni.com/.../html"
  • 0
    If they are just logged, and if you don't have any "real" problems with the sites being logged there, i think it's best to ignore them. They can be a valuable hint if you experience real problems (that's why we have them in there in the first place), but they are meaningless otherwise.
  • 0
    I don't have any real problem so it's safe to close it as [NOT BUG]

    Thanks
Cookie Information Banner