Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
Updated privoxy from 3.0.6 to latest portage 3.0.8. Prior to upgrade privoxy / squid worked without issue. I have squid and privoxy inline for internal users, Chain is: browser (tcp 80) -> iptables (redirect tcp 8000) -> squid (tcp 8000) -> privoxy (tcp 8118) -> internet. privoxy stops responding to squid requests and squid marks the parent cache (privoxy) as down logging errors in cache.log: "Detected DEAD Parent: 127.0.0.1", "TCP connection to 127.0.0.1/8118 failed", "temporary disabling (Gateway Time-out) digest from 127.0.0.1". Privoxy has logged this message at upto 238 times per second (doesnt happen all the time): "Privoxy(00000001) Request: 127.0.0.1:8118/squid-internal-periodic/store_digest". At around the same time, iptables reported: "nf_conntrack: table full, dropping packet." Reproducible: Always Steps to Reproduce: 1. start privoxy 2. start squid 3. fails after a small number of http requests Portage 2.1.4.4 (default-linux/x86/2006.1, gcc-4.3.0, glibc-2.6.1-r0, 2.6.26-rc7-00025-g481c534 i686) ================================================================= System uname: 2.6.26-rc7-00025-g481c534 i686 Pentium III (Coppermine) Timestamp of tree: Mon, 23 Jun 2008 09:00:01 +0000 app-shells/bash: 3.2_p33 dev-lang/python: 2.4.4-r13 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.61-r2 sys-devel/automake: 1.7.9-r1, 1.9.6-r2, 1.10.1 sys-devel/binutils: 2.18-r1 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=pentium3 -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /var/bind" CONFIG_PROTECT_MASK="/etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-O2 -march=pentium3 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="ccache collision-protect distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://ftp.mirrorservice.org/sites/www.ibiblio.org/gentoo/ " LANG="en_GB" LC_ALL="en_GB" LINGUAS="en_GB en" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X apache2 bash-completion berkdb cli cracklib crypt cups dri emacs fortran gdbm gpm gtk iconv ipv6 isdnlog midi mp3 mudflap ncurses nls nptl nptlonly opengl openmp pam pcre perl postgres ppds pppd python readline reflection session spl ssl tcpd unicode x86 xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_GB en" USERLAND="GNU" VIDEO_CARDS="i810" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS, MAKEOPTS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Created an attachment (id=158111) [details] /etc/privoxy/config privoxy config file
Sounds like an infinite loop. What redirection rule do you have in iptables? Are you sure privoxy connections are excluded from this redirection?
Reporter vanished, closed as INVALID.
I'm experiencing what is most likely the same problem. My setup is less complicated: browser -> privoxy -> web Immediately after privoxy starts, behavior is as expected. After a few HTTP requests, though, it stops responding. /etc/init.d/privoxy restart doesn't work, I have to killall privoxy and then start it up again to get another short period of functionality. Please re-open the bug.
Do you have some traces that could help us identify the problem?
Unfortunately, no. As the original poster said, this isn't leaving any useful messages in any logs, and it's not segfaulting. I'm running amd64; I guess that might be part of what's triggering the problem.
(In reply to comment #6) > Unfortunately, no. As the original poster said, this isn't leaving any useful > messages in any logs, and it's not segfaulting. > > I'm running amd64; I guess that might be part of what's triggering the problem. > I'm running Intel 32 bit so I guess not ;) It's interesting that restarting squid or privoxy temporarily clears the problem for me. It's also interesting that privoxy doesn't exit when told to terminate by /etc/init.d/privoxy stop.
I've p.masked version 3.0.8, revived the old stable version and added the latest beta version (3.0.9). Please test 3.0.9 and tell me if this version fixes the issue.
3.0.9 appears to be working correctly.
Closed as FIXED then.
