Доброго времени суток всем. Не нашёл ответа в инете. Пишу здесь. Система FreeBSD 7.2-RELEASE-p3. squid-3.1.0.13 с портов. Возникла необходимость перекомпилять ядро. Сделал. Перегрузился, всё работает, акромя сквида. В логах на запросы по 443 порту методом CONNECT возникает ошибка: comm_open: socket failure: (43) Protocol not supportedПросто по HTTP работает. Ошибка судя по всему это ошибка ядра, т.к. нашёл её упоминания в манах о системных вызовах.
После откатился на GENERIC и всё починилось. Конфиг ядра перекочевал с другого рабочего сервера.
Спасибо
>Спасибопредлагаю начать с выяснения того, чем ваше ядро отличается от generic
>
>>Спасибо
>
>предлагаю начать с выяснения того, чем ваше ядро отличается от genericДа много чем. По сути дела вырезал лишние дрова, добавил поддержку IPFW и прочее к ниму и вроде бы ничего криминального. Могу вставить текст конфига.
>Да много чем. По сути дела вырезал лишние дрова, добавил поддержку IPFW
>и прочее к ниму и вроде бы ничего криминального. Могу вставить
>текст конфига.лучше diff от конфигов
и еще один вопрос: собранное на вашей машине generic ядро работоспособно? или только перенесенное с другой
GENERIC ядро работоспособно. оно родное с дистриба ещё.вот diff GENERIC SUNEXP. много получилось конечно:
19c19
< # $FreeBSD: src/sys/i386/conf/GENERIC,v 1.474.2.17.2.1 2009/04/15 03:14:26 kensmith Exp $
---
> # $FreeBSD: src/sys/i386/conf/GENERIC,v 1.429.2.18 2008/07/28 02:20:29 yongari Exp $21c21,22
< cpu I486_CPU
---
> machine i386
> #cpu I486_CPU24c25,39
< ident GENERIC
--->[оверквотинг удален]
> options IPFIREWALL_FORWARD
> options IPDIVERT
> options IPFILTER
> options IPFILTER_LOG
> options IPFILTER_LOOKUP
> #options TCP_DROP_SYNFIN
> options IPSTEALTH
> device daemon_saver
>
> options CPU_FASTER_5X86_FPU29c44,50
< makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols
---
> #makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols
> #options SCHED_ULE
>
> options COMPAT_FREEBSD4 # Compatible with FreeBSD4
> options COMPAT_FREEBSD5 # Compatible with FreeBSD5
> options COMPAT_FREEBSD6
> options PAE31c52,53
< options SCHED_ULE # ULE scheduler
---
>
> options SCHED_4BSD # 4BSD scheduler34,35c56
< options INET6 # IPv6 communications protocols
< options SCTP # Stream Control Transmission Protocol
---
> #options INET6 # IPv6 communications protocols40d60
< options UFS_GJOURNAL # Enable gjournal-based UFS journaling
42,45c62,65
< options NFSCLIENT # Network Filesystem Client
< options NFSSERVER # Network Filesystem Server
< options NFSLOCKD # Network Lock Manager
< options NFS_ROOT # NFS usable as /, requires NFSCLIENT
---
> #options NFSCLIENT # Network Filesystem Client
> #options NFSSERVER # Network Filesystem Server
> #options NFSLOCKD # Network Lock Manager
> #options NFS_ROOT # NFS usable as /, requires NFSCLIENT50,52c70,71
< options GEOM_PART_GPT # GUID Partition Tables.
< options GEOM_LABEL # Provides labelization
< options COMPAT_43TTY # BSD 4.3 TTY compat [KEEP THIS!]
---
> #options GEOM_GPT # GUID Partition Tables.
> options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]55d73
< options COMPAT_FREEBSD6 # Compatible with FreeBSD6
58d75
< options STACK # stack(9) support
65,67d81
< options STOP_NMI # Stop CPUS using NMI instead of IPI
< options AUDIT # Security event auditing
< #options KDTRACE_HOOKS # Kernel DTrace hooks
69,70d82
< # To make an SMP kernel, the next two lines are needed
< options SMP # Symmetric MultiProcessor Kernel
73,75d84
< # CPU frequency control
< device cpufreq
<
88,89c97,98
< device atapifd # ATAPI floppy drives
< device atapist # ATAPI tape drives
---
> #device atapifd # ATAPI floppy drives
> #device atapist # ATAPI tape drives93c102
< device ahb # EISA AHA1742 family
---
> #device ahb # EISA AHA1742 family100,102c109,110
< device amd # AMD 53C974 (Tekram DC-390(T))
< device hptiop # Highpoint RocketRaid 3xxx series
< device isp # Qlogic family
---
> #device amd # AMD 53C974 (Tekram DC-390(T))
> #device isp # Qlogic family104c112
< device mpt # LSI-Logic MPT-Fusion
---
> #device mpt # LSI-Logic MPT-Fusion106,107c114,115
< device sym # NCR/Symbios Logic (newer chipsets + those of `ncr')
< device trm # Tekram DC395U/UW/F DC315U adapters
---
> #device sym # NCR/Symbios Logic (newer chipsets + those of `ncr')
> #device trm # Tekram DC395U/UW/F DC315U adapters109,117c117,125
< device adv # Advansys SCSI adapters
< device adw # Advansys wide SCSI adapters
< device aha # Adaptec 154x SCSI adapters
< device aic # Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
< device bt # Buslogic/Mylex MultiMaster SCSI adapters
<
< device ncv # NCR 53C500
< device nsp # Workbit Ninja SCSI-3
< device stg # TMC 18C30/18C50
---
> #device adv # Advansys SCSI adapters
> #device adw # Advansys wide SCSI adapters
> #device aha # Adaptec 154x SCSI adapters
> #device aic # Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
> #device bt # Buslogic/Mylex MultiMaster SCSI adapters
>
> #device ncv # NCR 53C500
> #device nsp # Workbit Ninja SCSI-3
> #device stg # TMC 18C30/18C50133,135c141,144
< device dpt # DPT Smartcache III, IV - See NOTES for options
< device hptmv # Highpoint RocketRAID 182x
< device hptrr # Highpoint RocketRAID 17xx, 22xx, 23xx, 25xx
---
> #device dpt # DPT Smartcache III, IV - See NOTES for options
> #device hptmv # Highpoint RocketRAID 182x
> #device hptrr # Highpoint RocketRAID 17xx, 22xx, 23xx, 25xx
> #device rr232x # Highpoint RocketRAID 232x144c153
< device ida # Compaq Smart RAID
---
> #device ida # Compaq Smart RAID163a173,177
> # Enable this for the pcvt (VT220 compatible) console driver
> #device vt
> #options XSERVER # support for X server on a vt console
> #options FAT_CURSOR # start with block cursor
>173,175c187,189
< device cbb # cardbus (yenta) bridge
< device pccard # PC Card (16-bit) bus
< device cardbus # CardBus (32-bit) bus
---
> #device cbb # cardbus (yenta) bridge
> #device pccard # PC Card (16-bit) bus
> #device cardbus # CardBus (32-bit) bus179d192
< device uart # Generic UART driver
191c204
< # line to enable it (connects to sio, uart and/or ppc drivers):
---
> # line to enable it (connects to the sio and/or ppc drivers):196,197c209
< device em # Intel PRO/1000 Gigabit Ethernet Family
< device igb # Intel PRO/1000 PCIE Server Gigabit Family
---
> device em # Intel PRO/1000 adapter Gigabit Ethernet Card199d210
< device le # AMD Am7900 LANCE and Am79C9xx PCnet
206,207d216
< device age # Attansic/Atheros L1 Gigabit Ethernet
< device ale # Atheros AR8121/AR8113/AR8114 Ethernet
212d220
< device et # Agere ET1310 10/100/Gigabit Ethernet
214,218c222,225
< device jme # JMicron JMC250 Gigabit/JMC260 Fast Ethernet
< device lge # Level 1 LXT1001 gigabit Ethernet
< device msk # Marvell/SysKonnect Yukon II Gigabit Ethernet
< device nfe # nVidia nForce MCP on-board Ethernet
< device nge # NatSemi DP83820 gigabit Ethernet
---
> #device jme # JMicron JMC250 Gigabit/JMC260 Fast Ethernet
> #device lge # Level 1 LXT1001 gigabit Ethernet
> #device msk # Marvell/SysKonnect Yukon II Gigabit Ethernet
> #device nge # NatSemi DP83820 gigabit Ethernet220c227
< device pcn # AMD Am79C97x PCI 10/100 (precedence over 'le')
---
> device pcn # AMD Am79C97x PCI 10/100(precedence over 'lnc')237c244
< device cs # Crystal Semiconductor CS89x0 NIC
---
> #device cs # Crystal Semiconductor CS89x0 NIC239,245c246,253
< device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
< device ex # Intel EtherExpress Pro/10 and Pro/10+
< device ep # Etherlink III based cards
< device fe # Fujitsu MB8696x based cards
< device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
< device sn # SMC's 9000 series of Ethernet chips
< device xe # Xircom pccard Ethernet
---
> #device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
> #device ex # Intel EtherExpress Pro/10 and Pro/10+
> #device ep # Etherlink III based cards
> #device fe # Fujitsu MB8696x based cards
> #device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
> #device lnc # NE2100, NE32-VL Lance Ethernet cards
> #device sn # SMC's 9000 series of Ethernet chips
> #device xe # Xircom pccard Ethernet248,263c256,267
< device wlan # 802.11 support
< device wlan_wep # 802.11 WEP support
< device wlan_ccmp # 802.11 CCMP support
< device wlan_tkip # 802.11 TKIP support
< device wlan_amrr # AMRR transmit rate control algorithm
< device wlan_scan_ap # 802.11 AP mode scanning
< device wlan_scan_sta # 802.11 STA mode scanning
< device an # Aironet 4500/4800 802.11 wireless NICs.
< device ath # Atheros pci/cardbus NIC's
< device ath_hal # Atheros HAL (Hardware Access Layer)
< options AH_SUPPORT_AR5416 # enable AR5416 tx/rx descriptors
< device ath_rate_sample # SampleRate tx rate control for ath
< device awi # BayStack 660 and others
< device ral # Ralink Technology RT2500 wireless NICs.
< device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
< #device wl # Older non 802.11 Wavelan wireless NIC.
---
>[оверквотинг удален]
> #device wlan_ccmp # 802.11 CCMP support
> #device wlan_tkip # 802.11 TKIP support
> #device an # Aironet 4500/4800 802.11 wireless NICs.
> #device ath # Atheros pci/cardbus NIC's
> #device ath_hal # Atheros HAL (Hardware Access Layer)
> #device ath_rate_sample # SampleRate tx rate control for ath
> #device awi # BayStack 660 and others
> #device ral # Ralink Technology RT2500 wireless NICs.
> #device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
> #device wl # Older non 802.11 Wavelan wireless NIC.274c278
< device gif # IPv6 and IPv4 tunneling
---
> #device gif # IPv6 and IPv4 tunneling276d279
< device firmware # firmware assist module
295,309c298,300
< device ural # Ralink Technology RT2500USB wireless NICs
< device rum # Ralink Technology RT2501USB wireless NICs
< device urio # Diamond Rio 500 MP3 player
< device uscanner # Scanners
< # USB Serial devices
< device ucom # Generic com ttys
< device uark # Technologies ARK3116 based serial adapters
< device ubsa # Belkin F5U103 and compatible serial adapters
< device ubser # BWCT console serial adapters
< device uftdi # For FTDI usb serial adapters
< device uipaq # Some WinCE based devices
< device uplcom # Prolific PL-2303 serial adapters
< device uslcom # SI Labs CP2101/CP2102 serial adapters
< device uvisor # Visor and Palm devices
< device uvscom # USB serial support for DDI pocket's PHS
---
> #device ural # Ralink Technology RT2500USB wireless NICs
> #device urio # Diamond Rio 500 MP3 player
> #device uscanner # Scanners319,324c310,312
< device firewire # FireWire bus code
< device sbp # SCSI over FireWire (Requires scbus and da)
< device fwe # Ethernet over FireWire (non-standard!)
< device fwip # IP over FireWire (RFC 2734,3146)
< device dcons # Dumb console driver
< device dcons_crom # Configuration ROM for dcons
---
> #device firewire # FireWire bus code
> #device sbp # SCSI over FireWire (Requires scbus and da)
> #device fwe # Ethernet over FireWire (non-standard!)
>[оверквотинг удален]
>методом CONNECT возникает ошибка: comm_open: socket failure: (43) Protocol not supported
>
>
>Просто по HTTP работает. Ошибка судя по всему это ошибка ядра, т.к.
>нашёл её упоминания в манах о системных вызовах.
>
>После откатился на GENERIC и всё починилось. Конфиг ядра перекочевал с другого
>рабочего сервера.
>
>СпасибоINET6 требуется в ядре. Даже если squid без INET6
>[оверквотинг удален]
>>
>>Просто по HTTP работает. Ошибка судя по всему это ошибка ядра, т.к.
>>нашёл её упоминания в манах о системных вызовах.
>>
>>После откатился на GENERIC и всё починилось. Конфиг ядра перекочевал с другого
>>рабочего сервера.
>>
>>Спасибо
>
>INET6 требуется в ядре. Даже если squid без INET6Та же хрень, ядро пересобрал с поддержкой INET6 - ошибка перестала в логах писаться но https всё равно не работает, в логах TCP_MISS/503 0 CONNECT и всё.
баг вылез при апгрейде с 3.1.4 на 3.1.6