The redirector helpers are crashing too rapidly, need help!

Wed, 09 Nov 2005 09:15:46 -0800

I am trying to implement squidGuard (1.2.0 Sleepycat Software: Berkeley DB 4.1.25: (September 17, 2004)) on a server under Squid Cache version 2.5.STABLE9 for i586-mandrake-linux. I will paste in config files below for your reference.
My problem is that when I configure squid to start squidGuard, then restart the squid service, squid does not run at all. 
Normal startup, no squidGuard:

# ps auwx|grep squid
root      6219  0.0  0.1  5264 1492 ?        Ss   08:38   0:00 squid -D
squid     6221  0.0  0.5  8360 5228 ?        S    08:38   0:00 (squid) -D
squid     6224  0.0  0.0  1256  264 ?        Ss   08:38   0:00 (unlinkd)
root      6262  0.0  0.0  1760  600 pts/0    R+   08:58   0:00 grep squid
Startup with squidGuard active (redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf -C all): 

# ps auwx|grep squid
root      6314  0.0  0.1  5264 1492 ?        Ss   09:00   0:00 squid -D
squid     6360 43.0  0.0     0    0 ?        Rs   09:00   0:01 [squidGuard]
squid 6361 0.6 0.1 6044 1580 ? Rs 09:00 0:00 (squidGuard) -c /etc/squid/squidGuard.conf -C all squid 6363 0.3 0.1 5512 1468 ? Rs 09:00 0:00 (squidGuard) -c /etc/squid/squidGuard.conf -C all squid 6364 7.3 0.1 6440 1996 ? Ds 09:00 0:00 (squidGuard) -c /etc/squid/squidGuard.conf -C all squid 6368 7.0 0.1 6440 1996 ? Rs 09:00 0:00 (squidGuard) -c /etc/squid/squidGuard.conf -C all squid 6369 0.3 0.1 4840 1360 ? Rs 09:00 0:00 (squidGuard) -c /etc/squid/squidGuard.conf -C all 
root      6372  0.0  0.0  1760  596 pts/0    R+   09:00   0:00 grep squid

Then after about 30 seconds:

# ps auwx|grep squid
root      6406  0.0  0.0  1760  604 pts/0    S+   09:01   0:00 grep squid

And of course, the proxy is unreachable.

===Here is the log under failure:

# tail -100 /var/log/squid/cache.log
2005/11/09 09:00:30| Unlinkd pipe opened on FD 20
2005/11/09 09:00:30| Swap maxSize 102400 KB, estimated 7876 objects
2005/11/09 09:00:30| Target number of buckets: 393
2005/11/09 09:00:30| Using 8192 Store buckets
2005/11/09 09:00:30| Max Mem  size: 8192 KB
2005/11/09 09:00:30| Max Swap size: 102400 KB
2005/11/09 09:00:30| Rebuilding storage in /var/spool/squid (CLEAN)
2005/11/09 09:00:30| Using Least Load store dir selection
2005/11/09 09:00:30| Set Current Directory to /var/spool/squid
2005/11/09 09:00:30| Loaded Icons.
2005/11/09 09:00:30| Accepting HTTP connections at 0.0.0.0, port 8080, FD 22. 2005/11/09 09:00:30| Accepting HTTP connections at 0.0.0.0, port 3128, FD 23. 
2005/11/09 09:00:30| Accepting ICP messages at 0.0.0.0, port 3130, FD 24.
2005/11/09 09:00:30| Accepting HTCP messages on port 4827, FD 25.
2005/11/09 09:00:30| Accepting SNMP messages on port 3401, FD 26.
2005/11/09 09:00:30| WCCP Disabled.
2005/11/09 09:00:30| Ready to serve requests.
2005/11/09 09:00:30| Done reading /var/spool/squid swaplog (1227 entries)
2005/11/09 09:00:30| Finished rebuilding storage from disk.
2005/11/09 09:00:30|      1227 Entries scanned
2005/11/09 09:00:30|         0 Invalid entries.
2005/11/09 09:00:30|         0 With invalid flags.
2005/11/09 09:00:30|      1227 Objects loaded.
2005/11/09 09:00:30|         0 Objects expired.
2005/11/09 09:00:30|         0 Objects cancelled.
2005/11/09 09:00:30|         0 Duplicate URLs purged.
2005/11/09 09:00:30|         0 Swapfile clashes avoided.
2005/11/09 09:00:30|   Took 0.3 seconds (4206.2 objects/sec).
2005/11/09 09:00:30| Beginning Validation Procedure
2005/11/09 09:00:30|   Completed Validation Procedure
2005/11/09 09:00:30|   Validated 1227 Entries
2005/11/09 09:00:30|   store_swap_size = 14792k
2005/11/09 09:00:31| WARNING: redirector #1 (FD 7) exited
2005/11/09 09:00:32| storeLateRelease: released 0 objects
2005/11/09 09:00:32| WARNING: redirector #2 (FD 8) exited
2005/11/09 09:00:32| WARNING: redirector #3 (FD 9) exited
2005/11/09 09:00:32| WARNING: redirector #8 (FD 14) exited
2005/11/09 09:00:33| WARNING: redirector #5 (FD 11) exited
2005/11/09 09:00:33| Too few redirector processes are running
2005/11/09 09:00:33| storeDirWriteCleanLogs: Starting...
2005/11/09 09:00:33|   Finished.  Wrote 1227 entries.
2005/11/09 09:00:33|   Took 0.0 seconds (1088731.1 entries/sec).
FATAL: The redirector helpers are crashing too rapidly, need help!

====SquidGuard.conf (expurgated of all "#"comments):

hosts_file /etc/hosts

auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern .        0    20%    4320

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl mynetwork src 192.168.1.0/255.255.255.0

http_access allow manager localhost
http_access allow Safe_ports
http_access allow !Safe_ports
http_access allow CONNECT !SSL_ports
http_access allow mynetwork

http_access allow localhost

http_reply_access allow all

icp_access allow all

visible_hostname shuttle.adams-lan.local

coredump_dir /var/spool/squid

cache_effective_user squid
cache_effective_group squid
http_port 8080
http_port 3128

redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf -C all

===squidGuard.conf:

logdir /var/log/squidGuard
dbhome /usr/share/squidGuard-1.2.0/db

dest ads {
        domainlist ads/domains
        urllist    ads/urls
        redirect 302:http://web.server.com/1x1.gif
}

dest aggressive {
        domainlist aggressive/domains
        urllist    aggressive/urls
        log blocked.log
}

dest audio-video {
        domainlist audio-video/domains
        urllist    audio-video/urls
        log blocked.log
}

dest drugs {
        domainlist drugs/domains
        urllist    drugs/urls
        log blocked.log
}

dest gambling {
        domainlist gambling/domains
        urllist    gambling/urls
        log blocked.log
}

dest hacking {
        domainlist hacking/domains
        urllist    hacking/urls
        log blocked.log
}

#dest mail {
#         domainlist mail/domains
#         urllist    mail/urls
#        log blocked.log
#}

dest porn {
        domainlist porn/domains
        urllist    porn/urls
        log blocked.log
}

dest violence {
        domainlist violence/domains
        urllist    violence/urls
        log blocked.log
}

dest warez {
        domainlist warez/domains
        urllist    warez/urls
        log blocked.log
}

#dest local-ok {
#         domainlist custom/local-ok/domains
#         urllist    custom/local-ok/urls
#}

destination local-block {
        domainlist custom/local-block/domains
        urllist    custom/local-block/urls
        log blocked.log
}


acl {
   default {
pass local-ok !local-block !ads !aggressive !audio-video !drugs !gambling !hacking !porn !violence !warez all 
# !mail not included by default
redirect 302:http://web.server.com/cgi-bin/squidGuard.cgi/?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u # redirect 302:http://web.server.com/cgi-bin/squidGuard-simple.cgi/?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u 
   }
}
# clientaddr|clientname|clientident|srcclass|targetclass|url
# ads aggressive audio-video drugs gambling hacking porn violence warez
The directory structure under /usr/share/squidGuard-1.2.0/db exists and seems fine. 

===Ownership and permissions:

# ll /usr/share/squidGuard-1.2.0/db
total 15
drwxr-xr-x  2 squid squid 1752 Nov  8 20:08 ads/
drwxr-xr-x  2 squid squid  184 Jan 21  2005 adult/
drwxr-xr-x  2 squid squid   96 Jan 21  2005 advertising/
drwxr-xr-x  2 squid squid 1872 Jan 21  2005 aggressive/
drwxr-xr-x  2 squid squid 1552 Jan 21  2005 audio-video/
drwxr-xr-x  2 squid squid  128 Jan 21  2005 banneddestination/
drwxr-xr-x  2 squid squid   72 Jan 21  2005 bannedsource/
drwxr-xr-x  2 squid squid 2072 Jan 21  2005 drugs/
drwxr-xr-x  2 squid squid  184 Jan 21  2005 forums/
drwxr-xr-x  2 squid squid  752 Jan 21  2005 gambling/
drwxr-xr-x  2 squid squid 1232 Jan 21  2005 hacking/
drwxr-xr-x  2 squid squid   72 Jan 21  2005 lansource/
drwxr-xr-x  2 squid squid  128 Nov  8 17:13 mail/
drwxr-xr-x  2 squid squid 2184 Nov  8 20:15 porn/
drwxr-xr-x  2 squid squid   72 Jan 21  2005 privilegedsource/
drwxr-xr-x  2 squid squid  336 Jan 21  2005 proxy/
drwxr-xr-x  2 squid squid  184 Jan 21  2005 publicite/
-rw-r--r--  1 squid squid  508 Mar 25  2000 README
drwxr-xr-x  2 squid squid  184 Jan 21  2005 redirector/
drwxr-xr-x  2 squid squid   72 Jan 21  2005 timerestriction/
drwxr-xr-x  2 squid squid  304 Jan 21  2005 violence/
drwxr-xr-x  2 squid squid  992 Jan 21  2005 warez/
[EMAIL PROTECTED] squid]# ll /var/log/squidGuard
total 508
-rw-r-----  1 squid squid      0 Apr 19  2004 advertising.log
-rw-r-----  1 squid squid      0 Nov  8 17:13 blocked.log
-rw-r-----  1 squid squid      0 Apr 19  2004 squidGuard.error
-rw-r-----  1 squid squid 469693 Nov  9 09:00 squidGuard.log
-rw-r-----  1 squid squid  44603 Nov  9 02:02 squidGuard.log.1.gz
-rw-r-----  1 squid squid    606 Jan 23  2005 squidGuard.log.2.gz
Where else can I look? What else do I need to do to get this thing filtering? 

Thanks.

--
Mark E. Adams
http://adamslan.shyper.com
Random Musing: You can observe a lot just by watching. -- Yogi Berra

Reply via email to