xiongxu / s3fs

Automatically exported from code.google.com/p/s3fs
GNU General Public License v2.0
0 stars 0 forks source link

s3fs can't be transparently proxied via squid #59

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Set up a transparent squid proxy
2. For all HTTP traffic over the proxy
3. Create a file on a mounted s3 drive (using http, not https)

What is the expected output? What do you see instead?
expected: file created
actual: Input/Output error. Syslog says: ###response=417

What version of the product are you using? On what operating system?
r177, Ubuntu Jaunty.

Please provide any additional information below.
Disabling the proxy fixes it. HTTPS always works, since it can't be
transparently proxied.

Original issue reported on code.google.com by mikeage on 4 Jun 2009 at 1:49

GoogleCodeExporter commented 9 years ago
Is this still an issue?  If so, please first try the latest code. If it is 
still an issue after that, then please provide very detailed instructions on 
how to reproduce the issue. Thank you.

Original comment by dmoore4...@gmail.com on 5 Feb 2011 at 1:50

GoogleCodeExporter commented 9 years ago
Just tried again with r308. Same problem.

Here's what I did:

iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner proxy -j ACCEPT
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 3128

This forces all port 80 traffic, except traffic that came from user "proxy", to 
port 3128.

In squid.conf, I set:
http_port 3128 transparent

The same error is present in syslog. 

I was doing some research, and discovered this link:

http://gionn.net/how-circumvent-417-expectation-failed-behind-squid-proxy

It appears that squid sometimes has trouble with AWS; nothing to do with s3fs. 
Adding the line 

ignore_expect_100 on 

to squid.conf fixes the problem, with no changes required in s3fs.

You can close this. Thanks

Original comment by mikeage on 5 Feb 2011 at 5:51

GoogleCodeExporter commented 9 years ago
Thank you for the follow up and information. Marking this one done.

Original comment by dmoore4...@gmail.com on 7 Feb 2011 at 4:07