���� ������ !!!!
��� � ��� ������ �����. oops -z ������ �� ��� ������ storage � ��� ��� ��
�������� � ���������� ��� �� ������ �� ����.
��� ��� ���������:
��� ����� ������������ ������.
oopsctl stat
-----------------------------BEGIN------------------------
## -- General info --
Version : 1.5.6
Uptime : 16961sec, (0day(s), 4hour(s), 42min(s))
Last update : Wed Mar 14 08:20:51 2001
Clients : 0 (max: 79)
HTTP requests: 3305
ICP requests: 0
Total hits : 521
Curr.req.rate: 0.05 req/sec (max: 1.17)
Tot.req.rate : 0.19 req/sec
Curr.hit.rate: 0.00 %
Tot.hit.rate : 15.76 %
Curr.icp.rate: 0.00 req/sec (max: 0.00)
## -- CPU --
Total usage : 45458ms
Delta usage : 114ms
Delta time : 61000ms
Curr. CPU : 0.19 % (0.02s+0.17u)
Aver. CPU : 0.27 % (0.08s+0.19u)
## -- storages --
Storage : /usr/local/proxy/oops/storages/oops_storage
Size : 520.00 MB
Free blks : 0 blks (0.00Mb) 0.00 %
State : NOT_READY
Fileno : 0
Storage : /usr/local/proxy/oops/storages/oops_storage1
Size : 600.00 MB
Free blks : 0 blks (0.00Mb) 0.00 %
State : NOT_READY
Fileno : 0
## -- end of storages --
## -- modules --
accel WWW-accelerator (URL redirector)
berkeley_db BerkeleyDB API (DB Interface)
CustomLog Customized access log. (Log recording)
err Error reporting module (Error reporting)
fastredir Fast Substring URL Redirector (URL redirector)
gigabase_db GigaBASE API (DB Interface)
lang National languages handling module (Output handling)
DummyLog Dummy logging module (Log recording)
oopsctl Oops controlling module (Independent port listener)
passwd_file Auth using passwd file (Authentication)
passwd_mysql Auth using mysql (Authentication)
passwd_pgsql Auth using postgresql (Authentication)
redir Regex URL Redirector (URL redirector)
transparent Transparent proxy (URL redirector)
vary Processing 'Vary:' header (Document headers check)
## -- end of modules --
## -- icp peers --
## -- end of icp peers--
------------------------------END------------------------
oops.cfg
------------------------------BEGIN------------------------
##
# nameservers. Use your own, not our.
##
nameserver 212.42.101.33
##
# Ports and address to use for HTTP and ICP
##
#bind ip_addr|hostname
http_port 3128
icp_port 3130
##
## Change euid to that user
##
## WARNING: if you use 'userid, then you 'reconfigure will not be able to
## open new sockets on reserved (< 1024) ports and will not be able
## to return to original userid.
##
##
## Change root directory. If don't know exactly what are you doing -
## leave commented.
#chroot ???
##
# Logfile - just debug output
# When used in form 'filename [{N S}] [[un]buffered]'
# will be rotated automatically (up to N files up to S bytes in size)
##
#logfile /dev/tty
logfile /usr/local/proxy/oops/logs/oops.log { 3 1m } unbuffered
##
# Accesslog - the same as for squid. Re rotating - see note for logfile
##
#accesslog /dev/tty
accesslog /usr/local/proxy/oops/logs/access.log
##
# Pidfile. for kill -1 `cat oops.pid` and for locking.
##
pidfile /usr/local/proxy/oops/logs/oops.pid
##
# Statistics file - once per minute flush some statistics to this file
##
statistics /usr/local/proxy/oops/logs/oops_statfile
##
# icons - where to find link.gif, dir.gif, binary.gif and so on (for
# ftp lists). If omitted - name of running host will be used. But
# using explicit names is better way.
##
#icons-host ss5.paco.net
#icons-port 80
#icons-path icons
##
# When total object volume in memory grow over this (this mean
# that cachable data from network came faster then we can save on disk)
# drop objects (without attempt to save on disk).
##
mem_max 64m
##
# Hint, how much cached objects keep in memory.
# When total amount become larger then this limit - start
# swaping cachable objects to disk
##
lo_mark 8m
##
# start random early drop when number of clients reach some level.
# this can protect you against attacks and against situation when
# oops cant handle too much connections. By default - 0 (or no limits).
##
#start_red 0
##
# refuse any connection when number of already connected clients reach some
# level. By default - 0 (or no limits).
##
#refuse_at 0
##
# if document contain no Expires: then expire after (in days)
# ftp-expire-value - expire time for ftp (in days)
##
default-expire-value 7
ftp-expire-value 7
##
# Maximum expite time - doc will not keep in cache more then
# this number of days (except if defaiult-expire-value used for this documeny)
##
max-expire-value 30
##
# in which proportion time passed since last document modification
# will accounted in expire time. For example, if last-modified-factor=5
# and there was passed 10 days since document modification, then expiration
# will be setted to 2 days in future (but no nore then max-expire-value)
##
last-modified-factor 5
##
# If you want not cache replies without Last-Modified:
# uncomment next line.
##
#dont_cache_without_last_modified
# run expire every ( in hours )
##
default-expire-interval 1
##
# icp_timeout - how long to wait icp reply from peer (in ms, e.g 1000 = 1sec)
##
icp_timeout 10000
##
# start disk cache cleanup when free space will be (in %%)
# As on the very large storages 1% is large space (1% from 9G is
# 90M), then on such storages you can set both disk-low-free and
# disk-ok-free to 0. Oops will start cleanup if it have less then 256
# free blocks(1M), and stop when it reach 512 bree blocks(2M).
##
disk-low-free 3
##
# stop disk cache cleanup when free space will be (in %%)
##
disk-ok-free 5
##
# Force_http11 - turn on http/1.1 for each request to document server
# This option required if module 'vary' used.
##
force_http11
##
# Always check document freshness, even it is not stale or expired
# This force Oops behave like squid - first check cached doc, then send
##
always_check_freshness
##
# If user-requestor aborted connection to proxy, but there was received more
# then some percent ot the document - then continue.
# default value - 75%
##
force_completion 75
##
# maximum size of the object we will cache
##
maxresident 1m
insert_x_forwarded_for yes
insert_via yes
##
# If host have several interfaces or aliases, use exactly
# this name when connecting to server:
##
#connect-from proxy.paco.net
##
# ACLs - currently: urlregex, urlpath, usercharset
# port, dstdom, dstdom_regex, src_ip, time
# each acl can be loaded from file.
##
#acl CACHEABLECGI urlregex
http://www\.topping\.com\.ua/cgi-bin/pingstat\.cgi\?072199131826
#acl WWWPACO urlregex www\.paco\.net
#acl NO_RLH urlregex zipper
#acl REWRITEPORTS urlregex (www.job.ru|www.sale.ru)
#acl REWRITEHOSTS urlregex (www.asm.ru|zipper\.paco)
#acl WINUSER usercharset windows-1251
#acl DOSUSER usercharset ibm866
#acl UNIXUSER usercharset koi8-r
#acl RUS dstdom ru su
#acl UKR dstdom ua
#acl BADPORTS port [0:79],110,138,139,513,[6000:6010]
#acl BADDOMAIN dstdom baddomain1.com baddomain2.com
#acl BADDOMREGEX dstdom_regex baddomain\.((com)|(org))
#acl LOCAL_NETWORKS src_ip
include:/usr/local/proxy/oops/acl_local_networks
#acl BADNETWORKS src_ip 192.168.10/24
#acl WORKTIME time Mon,Tue:Fri 0900:1800
#acl HTMLS content_type text/html
#acl USERS username joe
acl ADMINS src_ip 127.0.0.1
acl PURGE method PURGE
##
# acl_deny [!]ACL [!]ACL ...
# deny access for combined acl
##
acl_deny PURGE !ADMINS
##
# Never cache objects with URL, containing...
##
stop_cache ?
stop_cache cgi-bin
##
# stop_cache_acl [!]ACL [!]ACL ...
# Stop cache using ACL
##
#stop_cache_acl WWWPACO
##
# refresh_pattern ACLNAME min percent max
# 'min' and 'max' are limits between Expite time will be assigned
# Iff document have no expire: header and have Last-Modified: header
# we will use 'percent' to estimate how far in the future document will
# be expired.
##
#refresh_pattern CACHEABLECGI 20 50% 200
#refresh_pattern WWWPACO 0 0% 0
##
# bind_acl {hostname|ip} [!]ACL [!]ACL ...
# bind to given address when connecting to server
# if request match ACLNAME
##
#bind_acl outname1 RUS
#bind_acl outname2 UKR
##
# Always check document freshness, but now on acl basis.
# You can have several such lines.
## This example will force to check freshness only for html documents.
#always_check_freshness_acl HTMLS
##
# line 'parent ....' will force all connections (except to destinations
# in local-domain or local-networks) go through parent host
##
#parent proxy.paco.net 3128
##
# parent_auth login:password
# if your parent require login/password from your proxy
##
#parent_auth login:password
# ICP peer's
#peer proxy.paco.net 3128 3130 {
## ^^^ peer name ^http port ^icp port
## icp port can be 0, in which case we assume this is non-icp
## proxy. We assume that non-icp peer act like parent which
## answer MISS all th etime. If this peer refused connection
## then it goes down for 60 seconds - it doesn't take part in
## any peer-related decisions.
# sibling ;
## if this peer require login/password from your proxy
# my_auth my_login:my_password;
## we will send requests for these domains
# allow dstdomain * ;
## we will NOT send requests for these domains
# deny dstdomain * ;
## we will send only requests matched to this acl
# peer_access [!]ACL1 [!]ACL2
## if (and only if) peer is not icp-capable, then , in case of fail we
## leave failed peer alone for the down_timeout interval (in seconds).
## Then we will try again
# down_timeout 60 ;
#}
#peer proxy.gu.net 80 3130 {
# parent ;
# allow dstdomain * ;
# deny dstdomain paco.net odessa.ua ;
#}
##
# Never use "parent" when connecting to server in these domains
##
local-domain elcat2.bishkek.su bishkek.su
#local-domain odessa.net paco.net netsy.net netsy.com te.net.ua
local-networks 212.42.101/24
#
# Groups
#
group elcat2 {
##
# You can describe group ip adresses here, or using src_ip acl's
# with networks_acl directive.
# networks_acl always have higher preference (checked first) and
# are checked in the order of appearance.
# If host wil not fall in any networks_acl - we check in networks.
# networks are ordered by masklen - longest masks(most specific networks)
# are checked first.
##
networks 212.42.101/24 ;
# networks_acl LOCAL_NETWORKS !BAD_NETWORKS ;
badports [0:79],110,138,139,513,[6000:6010] ;
miss allow;
##
# denytime - when deny access to proxy server for this group
##
# denytime Sat,Sun 0642:1000
# denytime Mon,Thu:Fri,Sun 0900:2100
##
# Authentication modules for this group (seprated by space)
##
# auth_mods passwd_file;
##
# URL-Redirector (porno, ad. filtering) modules for this group (separate by
# space)
##
# redir_mods redir;
##
# limit whole group to 8Kbytes per sec
##
bandwidth 8k;
##
# limit each host 8Kbytes per sec
##
# per_ip_bw 8k;
##
# limit connections number from each host
#
# per_ip_conn 8;
##
# limit request rate from this group (requests per second). This is crude,
# and must be used as last resort
##
# maxreqrate 100;
##
# icp acl ...
##
icp {
allow dstdomain * ;
}
##
# http acl
##
http {
##
# http acls can be in form 'allow dstdomain domainname domainname ... domainname ;
# or in form 'allow dstdomain include:filename ;
# where filename - name of the file, which contain
# domainnames (one per line, # - comment line);
# the same rules for 'deny'
##
allow dstdomain * ;
}
}
group world {
networks 0/0;
badports [0:79],110,138,139,513,[6000:6010];
http {
deny dstdomain * ;
}
icp {
deny dstdomain * ;
}
}
##
# Storage section
# Change this for your own situation. Oops can work without
# storages (using only in-memory cache).
##
##
# Storage description (can be several)
# path - filename of storage. can be raw device (be carefull!)
# size - size (of storage file). Can be smthng like 100k or 200m or 4g
# Size used only durig format process (oops -z).
##
storage {
path /usr/local/proxy/oops/storages/oops_storage ;
# Size of the storage. Can be in bytes or 'auto'. Auto is
# usefull for pre-created storages or disk slices.
# NOTE: 'size auto' won't work for Linux on disk slices.
# To use large ( > 2G ) files run configure with --enable-large-files
size 520m ;
# You have to use 'offset' in the case your raw device (or slice)
# require that. For example if you use entire disk as storage
# under AIX and Soalris/Sparc - you have to skip first block
# which contain disk label (that is storage will start from
# next 512 sector.
# offset 512;
}
storage {
path /usr/local/proxy/oops/storages/oops_storage1 ;
size 600m ;
}
module lang {
default_charset koi8-r
# Recode tables and other charset stuff
CharsetRecodeTable windows-1251 /usr/local/proxy/oops/tables/koi-win.tab
CharsetRecodeTable ISO-8859-5 /usr/local/proxy/oops/tables/koi-iso.tab
CharsetRecodeTable ibm866 /usr/local/proxy/oops/tables/koi-alt.tab
CharsetAgent windows-1251 AIR_Mosaic IWENG/1 MSIE WinMosaic (Windows (WinNT;
CharsetAgent windows-1251 (Win16; (Win95; (Win98; (16-bit) Opera/3.0
CharsetAgent ibm866 DosLynx Lynx2/OS/2
}
module err {
# error reporting module
# template
template /usr/local/proxy/oops/err_template.html
# Language to use when generate Error messages
lang ru
}
module passwd_file {
# password proxy-authentication module
#
# default realm, scheme and passwd file
# the only thing you really want to change is 'file' and 'template'
# you don't have to reconfigure oops if you only
# change content passwd file or template: oops authomatically
# reload file
realm oops
scheme Basic
file /usr/local/proxy/oops/passwd
template /usr/local/proxy/oops/auth_template.html
}
module passwd_pgsql {
# proxy authentication using postgresql
# "Ivan B. Yelnikov" <[EMAIL PROTECTED]>
#
# host - host where database live,
# user,password - login and password for database access
# database - database name
# select - file with request body
# template - file with html doc which user will receive
# during authentication
scheme Basic
realm oops
host <host address/name>
user <database_user>
password <user_password>
database <database_name>
select /usr/local/proxy/oops/select.sql
template /usr/local/proxy/oops/auth_template.html
}
module passwd_mysql {
# proxy authentication usin mysql
# "Ivan B. Yelnikov" <[EMAIL PROTECTED]>
#
# look passwd_pgsql description
#
scheme Basic
realm oops
host <host address/name>
user <database_user>
password <user_password>
database <database_name>
select /usr/local/proxy/oops/select.sql
template /usr/local/proxy/oops/auth_template.html
}
module redir {
# file - regex rules.
# each line consist of one or two fields (separated with white space)
# 1. regular expression
# 2. redirect-location
# if requested (by client) url match regex then
# if we have redirect-url then we send '302 Moved Temporary' to
# redirect-location
# if we have no redirect-location (i.e. we have no 2-nd field)
# then we send template.html (%R will be substituted by rule)
# or some default message if we have no template.
# you don't have to reconfigure oops each time
# you edit rules or template, they will be reloaded authomatically
file /usr/local/proxy/oops/redir_rules
template /usr/local/proxy/oops/redir_template.html
## mode control will redir rewrite url or send Location: header
## with new location. Values are 'rewrite' or 'bounce'
# mode rewrite
# This module can process requests which come on http_port
# and/or on different port. For example, you wish oops
# bind on two ports - 3128 and 3129, and all requests which come on
# port 3129 must pass through filters, and requests which come on port
# 3128 (common http_port) - not. Then you have to uncomment next line
# myport 3129
# which means exactly: bind oops to additional port 3129 and process
# requests which come on this port.
# myport can be in the next form:
# myport [{hostname|ip_addr}:]port
}
module oopsctl {
# path to oopsctl unix socket
socket_path /usr/local/proxy/oops/logs/oopsctl
# time to auto-refresh page (seconds)
html_refresh 300
}
##
## This module hadnle 'Vary' header - it was written to better support
## Russian Apache
##
module vary {
user-agent by_charset
accept-charset ignore
}
##
## WWW -accelerator. To use - add word accel to
## redir_mods line for
## the group 'world' description
## You will find more description of this module in supplied accel_maps file
##
#module accel {
# myport can have next form:
# myport [{hostname|ip_addr}:]port ...
# myport 80
##
# allow access to proxy through accel module.
# Deny will stop proxy through accel completely, regardless
# of any other access rules
##
# proxy_requests deny
#
##
# File with maps and other config directives
# Checked once per minute. No need to restart oops if maps changed
##
# file /usr/local/proxy/oops/accel_maps
#}
##
## Transparent proxy. To use - add word 'transparent' into
## redir_mods line for your group.
## in the your local (or any other) group description
##
#module transparent {
# myport can have next form:
# myport [{hostname|ip_addr}:]port ...
# myport 3128
#}
##
## %h - remote ip address
## %A - local ip address
## %d - ip address of source (peer or document server)
## %l - remote logname from identd (not suported now)
## %U - remote user (from 'Authorization' header)
## %u - remote user (from proxy-auth)
## %{format}t - time with optional {format} (for strftime)
## %t - time with standard format %d/%b/%Y:%T %Z
## %r - request line
## %s - status code
## %b - bytes received
## %{header}i - value of header in request
## %m - HIT/MISS
## %k - hierarchy (DIRECT/NONE/...)
##
## directive buffered can be followed by size of the buffer,
## like 'buffered 32000'
##
#module customlog {
# path /usr/local/oops/logs/access_custom1
# format "%h %l %u %t \"%r\" %>s %b"
# squid httpd mode log emulation
# format "%h %u %l %t \"%r\" %s %b %m:%k"
# buffered
# path /usr/local/oops/logs/access_custom2
# format "%h->%A %l %u [%t] \"%r\" %s %b \"%{User-Agent}i\""
#}
module berkeley_db {
##
# dbhome - directory where all DB indexes reside. Use full path
# this directory must exist.
# dbname - filename for index file. Use just filename (no full path)
##
dbhome /usr/local/proxy/oops/DB
dbname dburl
##
# This parameter specifies internal cache size of BerkeleyDB.
# Increase this parameter for best performance (if you have a lot of memory).
# For example: db_cache_mem 64m
# Default and minimum value: 4m
#
# This memory pool is not part of memory pool, specified by mem_max parameter.
# WARNING: the amount of RAM used by oops will be increased by the value of
# this parameter.
db_cache_mem 64m
}
#module gigabase_db {
# This module enable GigaBASE as database engine.
# You can use berkeley_db or gigabase_db, not both.
# Also, important notice - indexes created with different modules
# are not compatible.
# ##
# # dbhome - directory where all DB indexes reside. Use full path
# # this directory must exist.
# # dbname - filename for index file. Use just filename (no full path)
# ##
#
# dbhome /usr/local/proxy/oops/DB
# dbname gdburl
#
# ##
# # This parameter specifies internal cache size of BerkeleyDB.
# # Increase this parameter for best performance (if you have a lot of memory).
# # For example: db_cache_mem 64m
# # Default and minimum value: 4m
# #
# # This memory pool is not part of memory pool, specified by mem_max parameter.
# # WARNING: the amount of RAM used by oops will be increased by the value of
# # this parameter.
# ##
# #db_cache_mem 4m
#
#}
----------------------------END---------------------------------
=====================================================================
If you would like to unsubscribe from this list send message to
[EMAIL PROTECTED] with "unsubscribe oops" in message body.
Archive is accessible on http://www.paco.net/oops/
