Cache squid3

1. Cache squid3

danielmelo28
(usa Debian)

Enviado em 04/05/2013 - 18:51h

Amigos não sei o que esta acontecendo mandei um tail -f no cache.log do squid3 e o retorno foi :

2013/05/04 18:48:28| IpIntercept.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed on FD 29: (92) Protocol not available
2013/05/04 18:48:28| IpIntercept.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed on FD 29: (92) Protocol not available
2013/05/04 18:48:29| IpIntercept.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed on FD 31: (92) Protocol not available
2013/05/04 18:48:35| IpIntercept.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed on FD 28: (92) Protocol not available
2013/05/04 18:48:35| IpIntercept.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed on FD 31: (92) Protocol not available
2013/05/04 18:48:35| IpIntercept.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed on FD 28: (92) Protocol not available
2013/05/04 18:48:35| IpIntercept.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed on FD 28: (92) Protocol not available
2013/05/04 18:48:35| IpIntercept.cc(137) NetfilterInterception: NF getsockopt(SO_ORIGINAL_DST) failed on FD 28: (92) Protocol not available
2013/05/04 18:48:43| IpIntercept.cc(137)

fico no aguardo .

0 0

Quote

2. Re: Cache squid3

Buckminster
(usa Debian)

Enviado em 04/05/2013 - 19:52h

O Squid está reclamando que ele não pode encontrar informações sobre a verdadeira origem desse tráfego.
Posta aqui teu squid.conf.

0 0

Quote

3. Re: Cache squid3

danielmelo28
(usa Debian)

Enviado em 04/05/2013 - 20:38h

http_port 3128 transparent

# OPTIONS WHICH AFFECT THE CACHE SIZE

cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 10485760 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 64 KB

fqdncache_size 1024

cache_replacement_policy lru
memory_replacement_policy lru

#LOG PATHNAMES AND CACHE DIRECTORIES

cache_dir ufs /var/spool/squid3 4000 16 256
cache_access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
cache_store_log /var/log/squid3/store.log

# emulate_httpd_log off
# log_ip_on_direct off
# mime_table /usr/share/squid3/mime.conf
pid_filename /var/run/squid3.pid
debug_options ALL,1
# log_fqdn on
# client_netmask 255.255.255.0
dns_nameservers 8.8.8.8
# hosts_file /etc/hosts
#OPTIONS FOR TUNING THE CACHE
hierarchy_stoplist cgi-bin ?

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880

#CONTROL ACCESS

acl localhost src 127.0.0.1/32
acl localnet src 192.168.1.0/24
acl manager proto cache_object
acl purge method PURGE
acl safe_ports port 21 70 80 210 280 443 488 563 591 631 777 873 901 1024-65535
acl connect method CONNECT
acl SSL_ports port 443
acl SSL_ports port 563
acl SSL_ports port 873
acl block_word url_regex -i "/etc/squid3/acl/word_block.txt"
acl dom_porn srcdomain "/etc/squid3/acl/black/[*****]/dom_porn"
acl expre_porn urlpath_regex -i "/etc/squid3/acl/black/[*****]/expressao"
acl ip_regex url_regex ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$
acl vintesete url_regex ^127.0.0.1$
#REGRAS PADRÃO DO SQUID3

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny connect !SSL_ports
http_access allow vintesete
http_access deny ip_regex
http_access deny dom_porn
http_access deny expre_porn
#http_access deny extensions
http_access deny block_word
http_access allow localnet
http_access allow localhost
http_access deny all

visible_hostname Servidor_ubuntu
error_directory /usr/share/squid3/errors/pt-br

0 0

Quote

4. Re: Cache squid3

Buckminster
(usa Debian)

Enviado em 04/05/2013 - 23:34h

acl safe_ports port 21 70 80 210 280 443 488 563 591 631 777 873 901 1024-65535

O "s" em Safe_ports é maiúsculo. E eu te aconselho a separar essa portas criando mais acls:

Faça assim, colocando no máximo 5 portas em cada ACL e separando o range:
acl Safe_ports port 21 70 80 210 280
acl Safe_ports port 443 488 563 631 777
acl Safe_ports port 873 901
acl Safe_ports port 1024-65535

Se não resolver acredito que você deva fazer uma ACL para cada porta.
Faça as alterações e teste.
Qual a versão do teu Squid?

0 0

Quote

5. Re: Cache squid3

danielmelo28
(usa Debian)

Enviado em 07/05/2013 - 00:54h

Squid Cache: Version 3.1.20

olá amigo , funcionou o que fiz foi o seguinte,
mudei a forma do proxy squid3 para não transparente
removi o cache e criei um novo e dei um restart no squid3.

0 0

Quote