On Tue, 21 Jun 2011 22:15:12 -0300, Fabiano Carlos Heringer wrote:
Hi,
My squid is not caching any content, all request is TCP_MISS/200,
Version?
Below my config:
http_port 10.0.0.1:3128
http_port 127.0.0.1:80 transparent
icp_port 0
pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/Portuguese
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
logfile_rotate 2
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src 10.0.0.0/255.255.255.0
uri_whitespace strip
cache_mem 24 MB
maximum_object_size_in_memory 900 KB
memory_replacement_policy lru
cache_replacement_policy lru
cache_dir ufs /var/squid/cache 100 16 256
minimum_object_size 512 KB
This is a global limit. No object smaller than 512 KB may be stored by
this Squid.
maximum_object_size 200 bytes
This is a global limit. No object greater than 200 bytes may be stored
by this Squid.
Between them your limits will erase all objects your Squid gets a
request for.
offline_mode off
cache_swap_low 90
cache_swap_high 95
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128
1025-65535
acl sslports port 443 563
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
refresh_pattern (get_video\?|videoplayback\?|videodownload\?) 5259487
99999999% 5259487 override-expire ignore-reload ignore-private
negative-ttl=0
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
This cgi-bin pattern is in the wrong place. It forces non-caching fro
any dynamic pages. It will override the file patterns below on a lot of
traffic.
It should be place immediately above the "." pattern at the end of the
refresh_pattern list.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200
override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200
90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i
\.(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff|gz)$ 10080 90%
43200 override-expire ignore-no-cache ignore-private
Interesting things happen when you turn ignore-private on. Do you have
any example cases? (just for my/our interest).
I do know that .tiff format is used in the medical area for personal
files (x-rays and other imaging scans) which get transferred over the
web between health practitioners down the stages of treatment. Caching
and re-using those could lead to some serious side effects. The archive
types could also contain personal information.
refresh_pattern -i \.index.(html|htm)$ 0 40% 10080
NP: Both of the dots in the above pattern need to be \.
refresh_pattern -i \.(html|htm|css|js)$ 1440 40% 40320
refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|msi) 10080
100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe|msi) 10080 100%
43200 reload-into-ims
refresh_pattern msgruser.dlservice.microsoft.com/.*\.(cab|exe|msi)
10080 100% 43200 reload-into-ims
refresh_pattern windowsupdate.com/.*\.(cab|exe|msi) 10080 100% 43200
reload-into-ims
refresh_pattern www.microsoft.com/.*\.(cab|exe|msi) 10080 100% 43200
reload-into-ims
NP: you can combine the above pattern rules into one by dropping the
initial prefix.
ie:: refresh_pattern -i
(windowsupdate|microsoft)\.com/.*\.(cab|exe|msi) 10080 100% 43200
reload-into-ims
*** (/cgi-bin/|\?) pattern check goes here.
refresh_pattern . 0 40% 40320
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
http_access allow localhost
quick_abort_min 0 KB
quick_abort_max 0 KB
request_body_max_size 0 KB
reply_body_max_size 51200000 deny all
One reason I ask for version is that "deny" is not valid here and the
versions which accept ACL controls all expect a unit name.
one of: bytes / KB / MB / GB / TB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow all
This delay pool stuff needs to be removed. It is not doing anything
useful, just consuming CPU on every request.
http_access allow localnet
http_access deny all
in store.log i get only RELEASE -1 FFFFFFFF
Any suggestions?
See above.
Amos
