Re: [squid-users] strange problem with my squid
"Mr. Singh" wrote: > > Dear Users > > I am facing a very peculiar and difficult problem that I When my squid > runs something keeps on writting on the HDD or something goes on in the > system. Because HDD LED kepps on blinking but If I stop squid it also > stops. I am unable to fix this problem . Is my squid attacked ? or > corrupted ? > > What shall I do ? Help me. > I am running squid 2.3 stable You are verly likely to have disk activity when squid is running ... Because of the fact that squid store's and reads objects of the disk this in the context of it's purpose being web caching software. M. > > Singh -- 'Love is truth without any future. (M.E. 1997)
Re: [squid-users] running out of hard disk space
Noel Clarkson wrote: > > Hi there, > > I've been running a RedHat 7.0 box with squid 2.3.STABLE4 and it's been > running fine for ages. Just the other day it starts using a lot more cpu > and memory than I've seen it use in the past and filling the hard disk the > cache is on. The cache is on it's own partition that's 1.8G, and the > cache_dir disk space was set up as 1600 but I changed it to 1400 because it > keeps filling the partition and then after reorting errors in the log, > clears about 150Mb and then proceeds to fill it again. This happens again > and again with the cpu sitting at between 60 and 100% usage and about 40% > memory usage (dual P3 450, 256Mb ram). > > Any ideas what might be causing this or even where to look. I can't > understand why it is even comming close to filling the partition (it has > it's own partition and it is only the cache no logs or anything else), I'm > completely confused! Upgrade to the latest stable release. See whether this problem persists. M. > > cheers, > > noel -- 'Love is truth without any future. (M.E. 1997)
[squid-users] running out of hard disk space
Hi there, I've been running a RedHat 7.0 box with squid 2.3.STABLE4 and it's been running fine for ages. Just the other day it starts using a lot more cpu and memory than I've seen it use in the past and filling the hard disk the cache is on. The cache is on it's own partition that's 1.8G, and the cache_dir disk space was set up as 1600 but I changed it to 1400 because it keeps filling the partition and then after reorting errors in the log, clears about 150Mb and then proceeds to fill it again. This happens again and again with the cpu sitting at between 60 and 100% usage and about 40% memory usage (dual P3 450, 256Mb ram). Any ideas what might be causing this or even where to look. I can't understand why it is even comming close to filling the partition (it has it's own partition and it is only the cache no logs or anything else), I'm completely confused! cheers, noel
[squid-users] strange problem with my squid
Dear Users I am facing a very peculiar and difficult problem that I When my squid runs something keeps on writting on the HDD or something goes on in the system. Because HDD LED kepps on blinking but If I stop squid it also stops. I am unable to fix this problem . Is my squid attacked ? or corrupted ? What shall I do ? Help me. I am running squid 2.3 stable Singh
[squid-users] customize access denied error page for a particular link
Hi All, Can anyone kindly tell me on how to do the following ? I want to block a site and want to have a separate customized error page for that . That error page shud be only for that website. TIA., Raja
[squid-users] NTLM Auth using Active directory
Greetings, I am trying to get NTLM / winbind authentication working with squid 2.5 Stable 4 and Samba 3.0.0. From other posts, I have read that I am supposed to use the samba winbind helpers instead of the squid ones. Can anyone give me a thorough walkthrough of how to achieve this. I have looked at the walkthrough at IT MAnagers.net. However following this guide it does not work and there appears to be something missing that is not being done. <> *** This message is intended for the addressee named and may contain confidential information. If you are not the intended recipient, please delete it and notify the sender. Views expressed in this message are those of the individual sender, and are not necessarily the views of the Department of Lands. This email message has been swept by MIMEsweeper for the presence of computer viruses. *** BEGIN:VCARD VERSION:2.1 N:Vaughan;Chris FN:Chris Vaughan (E-mail) ORG:Department of Lands;Information Management and Technology TITLE:Communications Administrator TEL;WORK;VOICE:(02) 9228-6884 TEL;CELL;VOICE:+61 (0401) 148061 TEL;WORK;FAX:(02) 9223-1271 ADR;WORK;ENCODING=QUOTED-PRINTABLE:;IMT;1 Prince Albert Rd=0D=0AQueens Square;Sydney;NSW;2000;Australia LABEL;WORK;ENCODING=QUOTED-PRINTABLE:IMT=0D=0A1 Prince Albert Rd=0D=0AQueens Square=0D=0ASydney, NSW 2000=0D=0AAu= stralia EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20030829T062124Z END:VCARD
[squid-users] Problem accessing some sites
Hi, I have just compiled Squid 2.5 Stable 4 and running it on Solaris 8 on an Intranet environment. However I am having problem accessing sites with URL like http://mis3.home.company/inhouse/common/login.asp?goto=/inhouse/leave/Default.asp&fnum. The error message is as follows: The requested URL could not be retrieved. While trying to retrieve the URL: http://mis3.home.company/inhouse/common/login.asp? The following error was encountered: Access Denied. Access control configuration prevents your request from being alloed at this time. Pls contact your service provider if you feel this is incorrect. On the access logfile, I got 403 TCP_DENIED:NONE. Pls advise what could have gone wrong. Thank you. My squid.conf is as follows: # NETWORK OPTIONS http_port 3128 icp_port 0 # OPTION WHICH AFFECT NEIGHBOUR SELECTION ALGORITHM cache_peer 123.45.1.30 parent 3128 0 no-query proxy-only acl query urlpath_regex cgi-bin \? acl dynamic_contents urlpath_regex \*\.asp acl dynamic_contents urlpath_regex \*\.jsp no_cache deny query dynamic_contents # OPTIONS WHICH AFFECT THE CACHE SIZE cache_mem 10 MB maximum_object_size 1024 KB maximum_object_size_in_memory 1024 KB # LOGFILE PATHNAMES & CACHE DIRECTORIES cache_dir ufs /usr/local/squid/var/cache 3000 16 256 cache_access_log /usr/local/squid/var/logs/access.log cache_log /usr/local/squid/var/logs/cache.log pid_filename /usr/local/squid/var/logs/squid.pid cache_store_log none emulate_httpd_log on log_ip_on_direct off mime_table /usr/local/squid/etc/mime.conf log_mime_hdrs off debug_options ALL,1 log_fqdn off # OPTIONS FOR TUNING THE CACHE request_header_max_size 1 KB negative_ttl 5 minutes positive_dns_ttl 30 minutes negative_dns_ttl 1 minutes # TIMEOUTS connect_timeout 120 seconds peer_connect_timeout 120 seconds read_timeout 5 minutes request_timeout 5 minutes half_closed_clients off pconn_timeout 15 seconds shutdown_lifetime 10 seconds # DEFAULT ACCESS CONTROLS acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_PORTS port 343 443 7002 8000 9000 15000 acl Safe_ports port 80 21 443 563 70 210 1025-65535 acl SSL method CONNECT # Only allow administrator access from localhost http_access allow manager localhost http_access deny manager # Deny requests to unknown ports http_access deny !Safe_ports #Deny CONNECT to other than SSL ports and no direct connection for SSL http_access deny SSL !SSL_ports never_direct allow SSL # Ban on file types and domain acl BANFILE urlpath_regex \.bmp$ \.mp3$ \.mpg$ \.avi$ acl BANDOMAIN urlpath_regex www .com .net http_access deny BANFILE http_access deny BANDOMAIN # For the cache purge acl PURGE method purge http_access allow PURGE localhost http_access deny PURGE # Commom application/web servers in local acl direct-svr dstdomain mis3.home.company always_direct allow direct-svr # Commom application/web servers housed remote and access thru' 123.45.1.30 acl remote-svr dst 123.45.1.31 cache_peer_access 123.45.1.30 allow remote-svr never_direct allow remote-svr # Allow requests to proxy http_access allow all # HTTPD-ACCELERATOR OPTIONS # For Squid to run as transparent proxy httpd_accel_uses_host_header on # ADMINISTRATIVE PARAMETERS cache_mgr [EMAIL PROTECTED] cache_effective_user nobody visible_hostname proxy.inet.company # MISCELLANEOUS dns_testnames home.company mis3.home.company memory_pools off cachemgr_passwd none all snmp_port 0 client_db off _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg
Re: [squid-users] Stuck every starting swap
Hi Bart, My Squid cache_dir 7500, ufs and Ext3. My partition and HDD size is still huge (free). Thx & Rgds, Awie - Original Message - From: "Schelstraete Bart" <[EMAIL PROTECTED]> To: "Awie" <[EMAIL PROTECTED]>; "Squid" <[EMAIL PROTECTED]> Sent: Monday, October 27, 2003 5:48 AM Subject: Re: [squid-users] Stuck every starting swap > Awie, > > * How big is your Squid cache? > * What kind of Squid cache are you using? (aufs, ufs, diskd) > * What filesystem are you using? (ext2, ext3, reiser, ...) > > Bart > > Awie wrote: > > >My system has 256 MB of RAM and I put 8 MB at the cache_mem section > > > >Thx & Rgds, > > > >Awie > > > >- Original Message - > >From: "Henrik Nordstrom" <[EMAIL PROTECTED]> > >To: "Awie" <[EMAIL PROTECTED]> > >Cc: "Squid-users" <[EMAIL PROTECTED]> > >Sent: Sunday, October 26, 2003 10:05 PM > >Subject: Re: [squid-users] Stuck every starting swap > > > > > > > > > >>On Sun, 26 Oct 2003, Awie wrote: > >> > >> > >> > >>>All, > >>> > >>>My Squid (2.5S1) seems always stuck every time system start a swapping > >>>progress. After I restart the program, it run normal again. My linux is > >>> > >>> > >RH > > > > > >>>7.3 with kernel 2.40.18. > >>> > >>> > >>How much memory do you have? > >> > >>Have you read the squid FAQ section on memory usage and cache sizing? > >> > >>Regards > >>Henrik > >> > >> > >> > > > > > > > > > > > -- > > You can find me on Google or Yahoo... > search for "Schelstraete Bart" or "Bart Schelstraete" > > Schelstraete Bart > http://www.hansbeke.com > email: bart at schelstraete.org > >
[squid-users] Cache Replacement Policy
Is there any comparation between all cache replacement policy supported by Squid ? I need that for choosing that mostly suitable for our internet user behavior. Thank you. Lazuardi Nasution Control System & Computer Laboratory Department of Electrical Engineering Faculty of Industrial Technology Institut Teknologi Bandung
Re: [squid-users] Stuck every starting swap
My system has 256 MB of RAM and I put 8 MB at the cache_mem section Thx & Rgds, Awie - Original Message - From: "Henrik Nordstrom" <[EMAIL PROTECTED]> To: "Awie" <[EMAIL PROTECTED]> Cc: "Squid-users" <[EMAIL PROTECTED]> Sent: Sunday, October 26, 2003 10:05 PM Subject: Re: [squid-users] Stuck every starting swap > On Sun, 26 Oct 2003, Awie wrote: > > > All, > > > > My Squid (2.5S1) seems always stuck every time system start a swapping > > progress. After I restart the program, it run normal again. My linux is RH > > 7.3 with kernel 2.40.18. > > How much memory do you have? > > Have you read the squid FAQ section on memory usage and cache sizing? > > Regards > Henrik >
Re: [squid-users] Stuck every starting swap
Awie, * How big is your Squid cache? * What kind of Squid cache are you using? (aufs, ufs, diskd) * What filesystem are you using? (ext2, ext3, reiser, ...) Bart Awie wrote: My system has 256 MB of RAM and I put 8 MB at the cache_mem section Thx & Rgds, Awie - Original Message - From: "Henrik Nordstrom" <[EMAIL PROTECTED]> To: "Awie" <[EMAIL PROTECTED]> Cc: "Squid-users" <[EMAIL PROTECTED]> Sent: Sunday, October 26, 2003 10:05 PM Subject: Re: [squid-users] Stuck every starting swap On Sun, 26 Oct 2003, Awie wrote: All, My Squid (2.5S1) seems always stuck every time system start a swapping progress. After I restart the program, it run normal again. My linux is RH 7.3 with kernel 2.40.18. How much memory do you have? Have you read the squid FAQ section on memory usage and cache sizing? Regards Henrik -- You can find me on Google or Yahoo... search for "Schelstraete Bart" or "Bart Schelstraete" Schelstraete Bart http://www.hansbeke.com email: bart at schelstraete.org
Re: [squid-users] Cache Replacement Policy
On Mon, 27 Oct 2003, Lazuardi Nasution wrote: > Is there any comparation between all cache replacement policy supported > by Squid ? I need that for choosing that mostly suitable for our internet > user behavior. The HP Labs research paper referenced in the squid.conf.default documentation has quite extensive analysis of the different policies. As the only policies known by Squid except the original Squid LRU policy is the heap based policies added by HP Labs as part of the same research project this accounts for all the policies.. Regards Henrik
Re: [squid-users] Stuck every starting swap
On Sun, 26 Oct 2003, Awie wrote: > All, > > My Squid (2.5S1) seems always stuck every time system start a swapping > progress. After I restart the program, it run normal again. My linux is RH > 7.3 with kernel 2.40.18. How much memory do you have? Have you read the squid FAQ section on memory usage and cache sizing? Regards Henrik
Re: [squid-users] Re: authentication modules
On Sun, 26 Oct 2003, Ilya wrote: > >Set the external_acl TTL to 5min. See the external_acl_type > >documentation. > > Can you give a link? See squid.conf.default. Regards Henrik
Re: [squid-users] Stuck every starting swap
Awie wrote: All, My Squid (2.5S1) seems always stuck every time system start a swapping progress. After I restart the program, it run normal again. My linux is RH 7.3 with kernel 2.40.18. Is is any parameter in Linux or Squid that I should apply? You need to tune your Linux (swapping), and try decreasing the cache_mem option. And watch what squid is doing after youd id that. Bart -- Schelstraete Bart http://www.hansbeke.com email: bart at schelstraete.org
[squid-users] Stuck every starting swap
All, My Squid (2.5S1) seems always stuck every time system start a swapping progress. After I restart the program, it run normal again. My linux is RH 7.3 with kernel 2.40.18. Is is any parameter in Linux or Squid that I should apply? Thx & Rgds, Awie
Re: [squid-users] Re: authentication modules
On Sun, 26 Oct 2003, Ilya wrote: > Hm, in my case it is necessary to check user credentials with > some period (for ex. authenticate_ttl = 5min )in order to > check whether his quota exceeded or not. > Can you suggest the similar scheme using external_acl? Set the external_acl TTL to 5min. See the external_acl_type documentation. Regards Henrik
Re: [squid-users] redirector format
On Sun, 26 Oct 2003, Ilya wrote: > URL ip-address/fqdn ident method > > Can you explain what fields "fqdn" and "ident" mean? FQDN is a Fully Qualified Domain Name, provided this information is known to Squid already. ident is ident or authenticated username, provided this information is known to Squid already. When the information is not known a single - is sent in that field. Regards Henrik
Re: [squid-users] file system type/params optimal for squid?
On Sat, 25 Oct 2003, Linda W. wrote: > I'm slightly confused -- do you mean reiserfs is best out of the > journalled fs's, or best including non-journaled async (ext2? fat32?) > fs's. >From what I recall it even performed better than ext2. But I recommend you to find the benchmar results to verify this. The benchmarks run by Joe Cooper is somewhere on the swelltech.com web site. > Doing benchmarks right is fairly difficult. So many variables. So many > parameters can affect things. Not really. The polymix-4 workload is a standard workload and only has two variables a) The size of your cache b) The rate you want to test if the proxy can handle but it is rather time consuming. > Like just choice of fs's default allocation unit. If a format prog has > defaults of a 512-byte allocation block, it might make a big difference > in a test where another sets up for 16Kb blocks. Defaults could explain > a difference in performance if most read/writes are >512 bytes and > <16Kb. This is all about figuring out which cache server configuration is the best. Without benchmarking all one can do is guessing. > Do you know off hand what Reiserfs's default alloc size is? It works differently. See the Reiserfs documentation for details. > Aren't ext2 and fat32, ufs, etcall pretty much > async/non-journaled? Weren't they > (and in many cases, still are) used for decades without being > "sensitive"? fat32 is mostly syncronous on most systems built on fat32 (i.e. DOS, Windows). In NT fat32 is fully asyncronous. ext2 in Linux is somewhere inbetween due to how Linux manages it's buffer/cache, giving most of the benefits of asyncronous filesystem operations while at the same time providing reasonable crash resistance. > Bugs happen in journaling fs's too -- all of the files I'd modified in > the previous day had '0's written throughout them. Most journaled filesystems does not journal the file contents, only the filesystem structure (directories, file lengths, block allocations etc). > What other windows file system would one compare NTFS to? BTW, at one > point, I thought I remember fat32 being syncronous on linux. You can mount any filesystem sycronous on Linux if you like. This is commonly recommended for floppy disk operations as users have a tendency to remove the floppy without first unmounting the filesystem.. > Theoretically, with no support for access rights, file owner and limited > time field accuracy, FAT32 should run faster than ext2. Again it depends. The ext2 design makes it a lot easier for the filesystem to maintain many concurrent operations than the fat32 design. > But -- for a 'temporary internet cache', how much fault tolerance does > one need? I could see (if memory was cheap enough) of running squid on > a RAM disk. If your server stays up for a month at a time, I think the > effects of losing the cache once a month would be negligible compared to > the benefit of zero ms disk access... Agreed, but rather expensive if you want a large cache. > I dunno...the algorithms to store and retrieve data in a database might > have been given more research bucks to be optimized for speed than the > the squid database on top of a file system delay. Maybe, but instead you get the significant overhead of having to pass all information between Squid and the DB server. Also, I do not think you want a relational database for cache content.. relational databases is optimized for content where all the records have the exact same size while web cache data varies a lot in size.. > What if it is an asyncronous/buffered rewritable CD? :-) Then you are effectively running a ram disk of the size of one CD. Regards Henrik
[squid-users] Re: authentication modules
On Sun, 26 Oct 2003, Ilya wrote: > If i want to realize such scheme, i need to have some way to > get a client`s IP address. > Is it possible to change the scheme of basic authenticaion? > So, for example, i want to get "username IPaddress" instead > of "username password" from stdin. I said out-of-band authentication. This means YOU must find some method whereby you can learn who the username per IP address is. HTTP can not give you this information automatically. Once you have found such method, the external_acl hooks of Squid can be used to make Squid query your system who the username is on that IP. alternatively you can use the already existing out-of-band ident identification method. This just requires you to install ident servers on all clients. If you want to use in-band HTTP authentication then you need to use the authentication schemes as is, which means the user providing a login + password to his browser so the browser can authenticate to Squid. Regards Henrik
Re: [squid-users] Re: authentication modules
Set the external_acl TTL to 5min. See the external_acl_type documentation. Can you give a link? I have not managed to find it on www.squid-cache.org. wbr, Ilya
Re: [squid-users] Re: authentication modules
On Sun, 26 Oct 2003 10:41:14 +0300 oleg-s <[EMAIL PROTECTED]> wrote: On Sun, 26 Oct 2003 12:56:47 +0600 "Ilya" <[EMAIL PROTECTED]> wrote: So, for example, i want to get "username IPaddress" instead of "username password" from stdin. hint, use external acl with any options you need ("%USER %IP"). olegs Hm, in my case it is necessary to check user credentials with some period (for ex. authenticate_ttl = 5min )in order to check whether his quota exceeded or not. Can you suggest the similar scheme using external_acl? wbr, Ilya
[squid-users] redirector format
URL ip-address/fqdn ident method Can you explain what fields "fqdn" and "ident" mean? wbr, Ilya