billthecatt
commented
4 years ago I reverted my sniproxy config to stock and this issue went away. Pretty sure that's fixing the symptom, but the logs stopped exploding.
Closing,,
Closed billthecatt closed 4 years ago
billthecatt
commented
4 years ago I reverted my sniproxy config to stock and this issue went away. Pretty sure that's fixing the symptom, but the logs stopped exploding.
Closing,,
I'm seeing this in my logs rolling continually on my lancache host (10.1.1.9 is the address of enp12s0 on the lancache box) : 2020-07-02 11:28:16 10.1.1.9:48201 -> 10.1.1.9:443 -> 10.1.1.9:443 [(null)] 0/0 bytes tx 112/112 bytes rx 0.011 seconds 2020-07-02 11:28:16 10.1.1.9:48203 -> 10.1.1.9:443 -> 10.1.1.9:443 [(null)] 0/0 bytes tx 112/112 bytes rx 0.011 seconds 2020-07-02 11:28:16 10.1.1.9:48205 -> 10.1.1.9:443 -> 10.1.1.9:443 [(null)] 0/0 bytes tx 112/112 bytes rx 0.011 seconds 2020-07-02 11:28:16 10.1.1.9:48207 -> 10.1.1.9:443 -> 10.1.1.9:443 [(null)] 0/0 bytes tx 112/112 bytes rx 0.011 seconds tail -f of this file just scrolls and scrolls, so it's happening continually.
It's so constant my /var/log/sniproxy/https_access.log file grows to like 40G within days of restarting sniproxy. If this was coming from a network source I'd use wireshark and/or tcpdump on the command line to figure out what the offending domain name lookup is/was and stop caching/dns for it. Because it's coming from the localhost, to the localhost, I can't really do that..
Any ideas how I can resolve this? I think it's impacting performance, and at the least indicates a mis-configuration somewhere..
Is there a way I can increase the logging in sniproxy to determine what's actually causing these?