Disable last black list / destination group changed. Maybe this db is crashed
----- Original Message ----- From: "Mark Adams" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Wednesday, November 09, 2005 2:52 PM Subject: The redirector helpers are crashing too rapidly, need help! I am trying to implement squidGuard (1.2.0 Sleepycat Software: Berkeley DB 4.1.25: (September 17, 2004)) on a server under Squid Cache version 2.5.STABLE9 for i586-mandrake-linux. I will paste in config files below for your reference. My problem is that when I configure squid to start squidGuard, then restart the squid service, squid does not run at all. Normal startup, no squidGuard: # ps auwx|grep squid root 6219 0.0 0.1 5264 1492 ? Ss 08:38 0:00 squid -D squid 6221 0.0 0.5 8360 5228 ? S 08:38 0:00 (squid) -D squid 6224 0.0 0.0 1256 264 ? Ss 08:38 0:00 (unlinkd) root 6262 0.0 0.0 1760 600 pts/0 R+ 08:58 0:00 grep squid Startup with squidGuard active (redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf -C all): # ps auwx|grep squid root 6314 0.0 0.1 5264 1492 ? Ss 09:00 0:00 squid -D squid 6360 43.0 0.0 0 0 ? Rs 09:00 0:01 [squidGuard] squid 6361 0.6 0.1 6044 1580 ? Rs 09:00 0:00 (squidGuard) -c /etc/squid/squidGuard.conf -C all squid 6363 0.3 0.1 5512 1468 ? Rs 09:00 0:00 (squidGuard) -c /etc/squid/squidGuard.conf -C all squid 6364 7.3 0.1 6440 1996 ? Ds 09:00 0:00 (squidGuard) -c /etc/squid/squidGuard.conf -C all squid 6368 7.0 0.1 6440 1996 ? Rs 09:00 0:00 (squidGuard) -c /etc/squid/squidGuard.conf -C all squid 6369 0.3 0.1 4840 1360 ? Rs 09:00 0:00 (squidGuard) -c /etc/squid/squidGuard.conf -C all root 6372 0.0 0.0 1760 596 pts/0 R+ 09:00 0:00 grep squid Then after about 30 seconds: # ps auwx|grep squid root 6406 0.0 0.0 1760 604 pts/0 S+ 09:01 0:00 grep squid And of course, the proxy is unreachable. ===Here is the log under failure: # tail -100 /var/log/squid/cache.log 2005/11/09 09:00:30| Unlinkd pipe opened on FD 20 2005/11/09 09:00:30| Swap maxSize 102400 KB, estimated 7876 objects 2005/11/09 09:00:30| Target number of buckets: 393 2005/11/09 09:00:30| Using 8192 Store buckets 2005/11/09 09:00:30| Max Mem size: 8192 KB 2005/11/09 09:00:30| Max Swap size: 102400 KB 2005/11/09 09:00:30| Rebuilding storage in /var/spool/squid (CLEAN) 2005/11/09 09:00:30| Using Least Load store dir selection 2005/11/09 09:00:30| Set Current Directory to /var/spool/squid 2005/11/09 09:00:30| Loaded Icons. 2005/11/09 09:00:30| Accepting HTTP connections at 0.0.0.0, port 8080, FD 22. 2005/11/09 09:00:30| Accepting HTTP connections at 0.0.0.0, port 3128, FD 23. 2005/11/09 09:00:30| Accepting ICP messages at 0.0.0.0, port 3130, FD 24. 2005/11/09 09:00:30| Accepting HTCP messages on port 4827, FD 25. 2005/11/09 09:00:30| Accepting SNMP messages on port 3401, FD 26. 2005/11/09 09:00:30| WCCP Disabled. 2005/11/09 09:00:30| Ready to serve requests. 2005/11/09 09:00:30| Done reading /var/spool/squid swaplog (1227 entries) 2005/11/09 09:00:30| Finished rebuilding storage from disk. 2005/11/09 09:00:30| 1227 Entries scanned 2005/11/09 09:00:30| 0 Invalid entries. 2005/11/09 09:00:30| 0 With invalid flags. 2005/11/09 09:00:30| 1227 Objects loaded. 2005/11/09 09:00:30| 0 Objects expired. 2005/11/09 09:00:30| 0 Objects cancelled. 2005/11/09 09:00:30| 0 Duplicate URLs purged. 2005/11/09 09:00:30| 0 Swapfile clashes avoided. 2005/11/09 09:00:30| Took 0.3 seconds (4206.2 objects/sec). 2005/11/09 09:00:30| Beginning Validation Procedure 2005/11/09 09:00:30| Completed Validation Procedure 2005/11/09 09:00:30| Validated 1227 Entries 2005/11/09 09:00:30| store_swap_size = 14792k 2005/11/09 09:00:31| WARNING: redirector #1 (FD 7) exited 2005/11/09 09:00:32| storeLateRelease: released 0 objects 2005/11/09 09:00:32| WARNING: redirector #2 (FD 8) exited 2005/11/09 09:00:32| WARNING: redirector #3 (FD 9) exited 2005/11/09 09:00:32| WARNING: redirector #8 (FD 14) exited 2005/11/09 09:00:33| WARNING: redirector #5 (FD 11) exited 2005/11/09 09:00:33| Too few redirector processes are running 2005/11/09 09:00:33| storeDirWriteCleanLogs: Starting... 2005/11/09 09:00:33| Finished. Wrote 1227 entries. 2005/11/09 09:00:33| Took 0.0 seconds (1088731.1 entries/sec). FATAL: The redirector helpers are crashing too rapidly, need help! ====SquidGuard.conf (expurgated of all "#"comments): hosts_file /etc/hosts auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 563 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT acl mynetwork src 192.168.1.0/255.255.255.0 http_access allow manager localhost http_access allow Safe_ports http_access allow !Safe_ports http_access allow CONNECT !SSL_ports http_access allow mynetwork http_access allow localhost http_reply_access allow all icp_access allow all visible_hostname shuttle.adams-lan.local coredump_dir /var/spool/squid cache_effective_user squid cache_effective_group squid http_port 8080 http_port 3128 redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf -C all ===squidGuard.conf: logdir /var/log/squidGuard dbhome /usr/share/squidGuard-1.2.0/db dest ads { domainlist ads/domains urllist ads/urls redirect 302:http://web.server.com/1x1.gif } dest aggressive { domainlist aggressive/domains urllist aggressive/urls log blocked.log } dest audio-video { domainlist audio-video/domains urllist audio-video/urls log blocked.log } dest drugs { domainlist drugs/domains urllist drugs/urls log blocked.log } dest gambling { domainlist gambling/domains urllist gambling/urls log blocked.log } dest hacking { domainlist hacking/domains urllist hacking/urls log blocked.log } #dest mail { # domainlist mail/domains # urllist mail/urls # log blocked.log #} dest porn { domainlist porn/domains urllist porn/urls log blocked.log } dest violence { domainlist violence/domains urllist violence/urls log blocked.log } dest warez { domainlist warez/domains urllist warez/urls log blocked.log } #dest local-ok { # domainlist custom/local-ok/domains # urllist custom/local-ok/urls #} destination local-block { domainlist custom/local-block/domains urllist custom/local-block/urls log blocked.log } acl { default { pass local-ok !local-block !ads !aggressive !audio-video !drugs !gambling !hacking !porn !violence !warez all # !mail not included by default redirect 302:http://web.server.com/cgi-bin/squidGuard.cgi/?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u # redirect 302:http://web.server.com/cgi-bin/squidGuard-simple.cgi/?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u } } # clientaddr|clientname|clientident|srcclass|targetclass|url # ads aggressive audio-video drugs gambling hacking porn violence warez The directory structure under /usr/share/squidGuard-1.2.0/db exists and seems fine. ===Ownership and permissions: # ll /usr/share/squidGuard-1.2.0/db total 15 drwxr-xr-x 2 squid squid 1752 Nov 8 20:08 ads/ drwxr-xr-x 2 squid squid 184 Jan 21 2005 adult/ drwxr-xr-x 2 squid squid 96 Jan 21 2005 advertising/ drwxr-xr-x 2 squid squid 1872 Jan 21 2005 aggressive/ drwxr-xr-x 2 squid squid 1552 Jan 21 2005 audio-video/ drwxr-xr-x 2 squid squid 128 Jan 21 2005 banneddestination/ drwxr-xr-x 2 squid squid 72 Jan 21 2005 bannedsource/ drwxr-xr-x 2 squid squid 2072 Jan 21 2005 drugs/ drwxr-xr-x 2 squid squid 184 Jan 21 2005 forums/ drwxr-xr-x 2 squid squid 752 Jan 21 2005 gambling/ drwxr-xr-x 2 squid squid 1232 Jan 21 2005 hacking/ drwxr-xr-x 2 squid squid 72 Jan 21 2005 lansource/ drwxr-xr-x 2 squid squid 128 Nov 8 17:13 mail/ drwxr-xr-x 2 squid squid 2184 Nov 8 20:15 porn/ drwxr-xr-x 2 squid squid 72 Jan 21 2005 privilegedsource/ drwxr-xr-x 2 squid squid 336 Jan 21 2005 proxy/ drwxr-xr-x 2 squid squid 184 Jan 21 2005 publicite/ -rw-r--r-- 1 squid squid 508 Mar 25 2000 README drwxr-xr-x 2 squid squid 184 Jan 21 2005 redirector/ drwxr-xr-x 2 squid squid 72 Jan 21 2005 timerestriction/ drwxr-xr-x 2 squid squid 304 Jan 21 2005 violence/ drwxr-xr-x 2 squid squid 992 Jan 21 2005 warez/ [EMAIL PROTECTED] squid]# ll /var/log/squidGuard total 508 -rw-r----- 1 squid squid 0 Apr 19 2004 advertising.log -rw-r----- 1 squid squid 0 Nov 8 17:13 blocked.log -rw-r----- 1 squid squid 0 Apr 19 2004 squidGuard.error -rw-r----- 1 squid squid 469693 Nov 9 09:00 squidGuard.log -rw-r----- 1 squid squid 44603 Nov 9 02:02 squidGuard.log.1.gz -rw-r----- 1 squid squid 606 Jan 23 2005 squidGuard.log.2.gz Where else can I look? What else do I need to do to get this thing filtering? Thanks. -- Mark E. Adams http://adamslan.shyper.com Random Musing: You can observe a lot just by watching. -- Yogi Berra
