Hi there.
I've a problem using squidguard under openbsd (4.4, 4.5, 4.6) with this
combination (squid + squidclamav + squidguard). The problem is that
after different hours that squidguard got not request, all squidguard
processes becomes zombies.
when the error show i get from
[/var/squidguard/log/squidGuard.log] reports:
2010-04-22 18:30:00 [6702] Info: recalculating alarm in 30 seconds
2010-04-22 18:30:00 [6702] squidGuard stopped (1259515800.261)
......
....
and ps:
_squid 6702 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 29852 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 13322 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 19733 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 23681 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 29024 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 10963 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 4752 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 9844 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 10946 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 15118 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 24546 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 28657 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 26160 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 10505 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 31381 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 6034 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 8429 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 32393 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 8880 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 9160 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
_squid 20881 0.0 0.0 0 0 ?? Z - 0:00.00
(squidGuard)
root 18821 0.0 0.4 1236 1268 ?? Is 3:15PM 0:00.02 squid
-d 10
_squid 16228 0.0 4.3 10312 12804 ?? S 3:15PM 0:09.64
(squid) -d 10 (squid)
_squid 31884 0.0 0.7 756 2076 ?? Is 3:15PM 0:00.81
(squidclamav) (squidclamav)
_squid 25836 0.0 0.7 632 2076 ?? Is 3:15PM 0:00.54
(squidclamav) (squidclamav)
_squid 6972 0.0 0.7 764 2084 ?? Is 3:15PM 0:00.27
(squidclamav) (squidclamav)
_squid 15649 0.0 0.7 776 2052 ?? Is 3:15PM 0:00.16
(squidclamav) (squidclamav)
_squid 6213 0.0 0.7 672 2064 ?? Is 3:15PM 0:00.16
(squidclamav) (squidclamav)
_squid 17857 0.0 0.7 716 2076 ?? Is 3:15PM 0:00.21
(squidclamav) (squidclamav)
_squid 17810 0.0 0.7 756 2076 ?? Is 3:15PM 0:00.17
(squidclamav) (squidclamav)
_squid 988 0.0 0.7 652 2072 ?? Is 3:15PM 0:00.14
(squidclamav) (squidclamav)
_squid 4536 0.0 0.7 608 1920 ?? Is 3:15PM 0:00.15
(squidclamav) (squidclamav)
_squid 13393 0.0 0.7 508 1952 ?? Is 3:15PM 0:00.14
(squidclamav) (squidclamav)
_squid 623 0.0 0.7 668 1936 ?? Is 3:15PM 0:00.08
(squidclamav) (squidclamav)
_squid 24677 0.0 0.7 696 1948 ?? Is 3:15PM 0:00.10
(squidclamav) (squidclamav)
_squid 30591 0.0 0.7 544 1940 ?? Is 3:15PM 0:00.08
(squidclamav) (squidclamav)
_squid 32597 0.0 0.7 688 1920 ?? Is 3:15PM 0:00.14
(squidclamav) (squidclamav)
_squid 24345 0.0 0.7 584 1920 ?? Is 3:15PM 0:00.11
(squidclamav) (squidclamav)
_squid 3959 0.0 0.7 568 1940 ?? Is 3:15PM 0:00.07
(squidclamav) (squidclamav)
_squid 24872 0.0 0.7 668 1924 ?? Is 3:15PM 0:00.14
(squidclamav) (squidclamav)
_squid 26243 0.0 0.7 484 1924 ?? Is 3:15PM 0:00.14
(squidclamav) (squidclamav)
_squid 26139 0.0 0.7 528 1948 ?? Is 3:15PM 0:00.14
(squidclamav) (squidclamav)
_squid 1263 0.0 0.7 516 1936 ?? Is 3:15PM 0:00.13
(squidclamav) (squidclamav)
_squid 8850 0.0 0.7 588 1932 ?? Is 3:15PM 0:00.07
(squidclamav) (squidclamav)
_squid 7546 0.0 0.7 504 1952 ?? Is 3:15PM 0:00.13
(squidclamav) (squidclamav)
After this error, squid can receive the request, and send the request to
squidclamav, squidclamav, receive the request and (log) says:
[6972] DEBUG Request:http://www.openbsd.org/ 192.168.1.65/- - GET
[6972] DEBUG Sending request to chained program: /usr/local/bin/squidGuard
but all processes of squidguard are died...and they don't process the
request.
Then, I've make different tests.
squid + squidguard (works fine)
squid + squidclamav (works fine)
squid + squidclamav + squidguard (squidguard processes becomes zombie)
squid + ad-zap (zapchain) + squidclamav + squidguard (squidguard
processes becomes zombie)
I've traced also squidguard processes with ktrace, and I get this:
14078 squidGuard EMUL "native"
14078 squidGuard PSIG SIGALRM caught handler=0xb7b61d8 mask=0x0
14078 squidGuard RET poll -1 errno 4 Interrupted system call
14078 squidGuard CALL write(0x5,0xcfbe6fa7,0x1)
14078 squidGuard GIO fd 5 wrote 1 bytes
"\^N"
14078 squidGuard RET write 1
14078 squidGuard CALL sigreturn(0xcfbe6fcc)
14078 squidGuard RET sigreturn JUSTRETURN
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL read(0x3,0xcfbe7210,0x80)
14078 squidGuard GIO fd 3 read 1 bytes
"\^N"
14078 squidGuard RET read 1
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL read(0x3,0xcfbe7210,0x80)
14078 squidGuard RET read -1 errno 35 Resource temporarily unavailable
14078 squidGuard CALL gettimeofday(0x2b7a7058,0)
14078 squidGuard RET gettimeofday 0
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL gettimeofday(0xcfbe7248,0)
14078 squidGuard RET gettimeofday 0
14078 squidGuard CALL sigaction(0xe,0xcfbe7230,0)
14078 squidGuard RET sigaction 0
14078 squidGuard CALL gettimeofday(0xcfbe51b8,0)
14078 squidGuard RET gettimeofday 0
14078 squidGuard CALL write(0x8,0x89504000,0x44)
14078 squidGuard GIO fd 8 wrote 68 bytes
"2009-12-14 18:30:01 [14078] Info: recalculating alarm in 30 seconds
"
14078 squidGuard RET write 68/0x44
14078 squidGuard CALL setitimer(0,0xcfbe7240,0xcfbe7230)
14078 squidGuard RET setitimer 0
14078 squidGuard CALL gettimeofday(0xcfbe7478,0)
14078 squidGuard RET gettimeofday 0
14078 squidGuard CALL gettimeofday(0xcfbe5398,0)
14078 squidGuard RET gettimeofday 0
14078 squidGuard CALL write(0x8,0x89504000,0x40)
14078 squidGuard GIO fd 8 wrote 64 bytes
"2009-12-14 18:30:01 [14078] squidGuard stopped (1260811801.371)
"
14078 squidGuard RET write 64/0x40
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x3c007000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x3c007000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x201e6000,0x2000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x201e6000,0x2000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL mprotect(0x856ab000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x856ab000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x856ab000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x856ab000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b393000,0x2000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b393000,0x2000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL mprotect(0x856ab000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x856ab000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x201e6000,0x2000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x201e6000,0x2000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x201e6000,0x2000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x201e6000,0x2000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL setitimer(0x2,0xcfbe7400,0)
14078 squidGuard RET setitimer 0
14078 squidGuard CALL close(0x3)
14078 squidGuard RET close 0
14078 squidGuard CALL close(0x5)
14078 squidGuard RET close 0
14078 squidGuard CALL fcntl(0,0x3,0)
14078 squidGuard RET fcntl 6
14078 squidGuard CALL fcntl(0,0x4,0x2)
14078 squidGuard RET fcntl 0
14078 squidGuard CALL fcntl(0x1,0x3,0)
14078 squidGuard RET fcntl 6
14078 squidGuard CALL fcntl(0x1,0x4,0x2)
14078 squidGuard RET fcntl 0
14078 squidGuard CALL fcntl(0x4,0x3,0)
14078 squidGuard RET fcntl 2
14078 squidGuard CALL fcntl(0x4,0x4,0x2)
14078 squidGuard RET fcntl 0
14078 squidGuard CALL fcntl(0x6,0x3,0)
14078 squidGuard RET fcntl 13/0xd
14078 squidGuard CALL fcntl(0x6,0x4,0x9)
14078 squidGuard RET fcntl 0
14078 squidGuard CALL fcntl(0x7,0x3,0)
14078 squidGuard RET fcntl 2
14078 squidGuard CALL fcntl(0x7,0x4,0x2)
14078 squidGuard RET fcntl 0
14078 squidGuard CALL fcntl(0x8,0x3,0)
14078 squidGuard RET fcntl 13/0xd
14078 squidGuard CALL fcntl(0x8,0x4,0x9)
14078 squidGuard RET fcntl 0
14078 squidGuard CALL fcntl(0x9,0x3,0)
14078 squidGuard RET fcntl 6
14078 squidGuard CALL fcntl(0x9,0x4,0x2)
14078 squidGuard RET fcntl 0
14078 squidGuard CALL fcntl(0xa,0x3,0)
14078 squidGuard RET fcntl 6
14078 squidGuard CALL fcntl(0xa,0x4,0x2)
14078 squidGuard RET fcntl 0
14078 squidGuard CALL sigprocmask(0x1,0xffffffff)
14078 squidGuard RET sigprocmask 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x3)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL mprotect(0x2b7a8000,0x1000,0x1)
14078 squidGuard RET mprotect 0
14078 squidGuard CALL sigprocmask(0x3,0)
14078 squidGuard RET sigprocmask -65793/0xfffefeff
14078 squidGuard CALL exit(0)
then i've create a very simple redirector (get the request and forward,
with a 1 only exception for a url, some line of code) and I've tried this:
squid + myrdr (works fine)
squid + squidclamav + myrdr (works fine)
squid + zapchain + squidclamav + myrdr (works fine)
I've tested these also on a fresh instal without rules of pf.
software:
OpenBSD (4.4, 4.5, 4.6)
squid stable 2.7
squidguard-1.4 without patches
squidclamav 5.0 (tried also a beta release supplied by squidclamav team)
Any issue?
Thanks in advance.