Linux Forums - Linux Help,Advice & support community:LinuxSolved.com
Network Troublshooting => Linux Servers Support => Topic started by: majid_mah on November 23, 2003, 06:02:02 AM
-
i configure squid now
why when i start squid , pages brows very slow ?
without set proxy i can brows page very fast
tnx
-
Do this happen on Clients or sever itself when u set ur server browser to use proxy ???
-
this happen in clients when i set client browser to use proxy
i test it just with a computer but speed is very slow
tnx for reply
-
Well.. It may be due to misconfiguration... or due to use of delay pools.. r u using delay pools in proxy ..
Also.. have u intialized the cache directory >>???
If not sure .. just post ur squid.conf here..
-
copy this and past it in your terminal at root. Follow this steps.
1. open terminal
2. type "su" to get to root
3. Copy this and past to get your squid.conf (egrep -v "^$|^#" /etc/squid/squid.conf)
And then post it or mail me the conf segun1ng@yahoo.com to see how we can help you out.
Hope to here from U.
-
Segun.. I think you can solve his problem here also..!! This site is to solve each other problem.. isn't ?? so no need for emaill etc.. !!
-
hi
here is my squid.conf file
i think mayby my problem depended to iptables.
what is your idia?
----------------------------------------
http_port 192.168.1.1:3128
icp_port 3130
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 8 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
cache_dir ufs /var/spool/squid 1000 16 256
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl localnet src 192.168.1.0/255.255.255.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access allow localnet
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
coredump_dir /var/spool/squid
--------------------------------------------------
tnx for reply
-
Well.. here i think you should try the following modified version of your squid.conf.
icp_port 3130
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 16 MB
maximum_object_size 4096 KB
cache_dir ufs /var/spool/squid 1000 16 256
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl localnet src 192.168.1.0/255.255.255.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access allow localnet
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
coredump_dir /var/spool/squid
http_port 3128And tell us!!
And also one thing is to be noted that give proxy little time to build up its cache...
-
hi
my speed is slow yet
here is my cache.log file.
2003/12/06 20:44:45| Starting Squid Cache version 2.5.STABLE1 for i386-redhat-linux-gnu...
2003/12/06 20:44:45| Process ID 4846
2003/12/06 20:44:45| With 1024 file descriptors available
2003/12/06 20:44:45| DNS Socket created at 0.0.0.0, port 32782, FD 5
2003/12/06 20:44:45| Adding nameserver 192.168.1.1 from squid.conf
2003/12/06 20:44:45| Adding nameserver 192.9.9.3 from squid.conf
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_READ_TIMEOUT': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_LIFETIME_EXP': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_READ_ERROR': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_WRITE_ERROR': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_SHUTTING_DOWN': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_CONNECT_FAIL': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_INVALID_REQ': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_UNSUP_REQ': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_INVALID_URL': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_SOCKET_FAILURE': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_DNS_FAIL': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_CANNOT_FORWARD': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_FORWARDING_DENIED': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_NO_RELAY': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_ZERO_SIZE_OBJECT': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_FTP_DISABLED': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_FTP_FAILURE': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_URN_RESOLVE': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_ACCESS_DENIED': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_CACHE_ACCESS_DENIED': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_CACHE_MGR_ACCESS_DENIED': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_FTP_PUT_CREATED': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_FTP_PUT_MODIFIED': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_FTP_PUT_ERROR': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_FTP_NOT_FOUND': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_FTP_FORBIDDEN': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_FTP_UNAVAILABLE': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_ONLY_IF_CACHED_MISS': (2) No such file or directory
2003/12/06 20:44:45| errorTryLoadText: '/usr/share/squid/errors/ERR_TOO_BIG': (2) No such file or directory
2003/12/06 20:44:45| Unlinkd pipe opened on FD 10
2003/12/06 20:44:45| Swap maxSize 1024000 KB, estimated 78769 objects
2003/12/06 20:44:45| Target number of buckets: 3938
2003/12/06 20:44:45| Using 8192 Store buckets
2003/12/06 20:44:45| Max Mem size: 131072 KB
2003/12/06 20:44:45| Max Swap size: 1024000 KB
2003/12/06 20:44:45| Rebuilding storage in /var/spool/squid (CLEAN)
2003/12/06 20:44:45| Using Least Load store dir selection
2003/12/06 20:44:45| Set Current Directory to /var/spool/squid
2003/12/06 20:44:45| Loaded Icons.
2003/12/06 20:44:45| Accepting HTTP connections at 192.168.1.1, port 3128, FD 12.
2003/12/06 20:44:45| Accepting ICP messages at 0.0.0.0, port 192, FD 13.
2003/12/06 20:44:45| WCCP Disabled.
2003/12/06 20:44:45| Ready to serve requests.
2003/12/06 20:44:45| Done reading /var/spool/squid swaplog (5 entries)
2003/12/06 20:44:45| Finished rebuilding storage from disk.
2003/12/06 20:44:45| 5 Entries scanned
2003/12/06 20:44:45| 0 Invalid entries.
2003/12/06 20:44:45| 0 With invalid flags.
2003/12/06 20:44:45| 5 Objects loaded.
2003/12/06 20:44:45| 0 Objects expired.
2003/12/06 20:44:45| 0 Objects cancelled.
2003/12/06 20:44:45| 0 Duplicate URLs purged.
2003/12/06 20:44:45| 0 Swapfile clashes avoided.
2003/12/06 20:44:45| Took 0.3 seconds ( 17.5 objects/sec).
2003/12/06 20:44:45| Beginning Validation Procedure
2003/12/06 20:44:45| Completed Validation Procedure
2003/12/06 20:44:45| Validated 5 Entries
2003/12/06 20:44:45| store_swap_size = 44k
2003/12/06 20:44:46| storeLateRelease: released 0 objects
-
Here.. your cache is not working.. that's why you are facing slow speed..
Not sure what is the problem but it is about wrong file permission... you can add special user to your linux only for squid use..
So create a group "squser" and a user "sqgroup"
Now.. add the following lines.. to your squid.conf cache_effective_user squser
cache_effective_group sqgroup
Now next step is to change the ownership of all the files used by squid to the "squser" and "sqgroup" including cache directory.
i am giving here you the example for chagining cache directory permission.
chown squser:sqgroup /var/spool/squid
In similar way make all the files rquired by squid owned by the user and gruop we have created and then run squid.. and check cache.log if it is unable to open any file..
Lastly i suggest you to use a differnet separate partition for squid cache.
-
I added the lines to my squid.conf but i have problem yet
-
Did you set the right permissions. ???
-
yes , i set !
-
Hmm.. Well.. r u still able to run squid properly ?? Have you intialised the squid's cache before starting the squid first time with -z ??
Well i think again post your last few lines of cache.log to check wht the effect of adding user is..
-
I am going to send cache.log file.
also when i load a page from client with proxy my client connection ( small monitor on taskbar )send and receive for a short time and after taht it is going to stop send and receive for long time and after that send and receive again and page loaded.
what do you thing about this ?
best regard
-
where u will send .. send me PM...
That's usual..
-
hi
here is my cache.log code.
Is squid speed depended to resolv.conf file ?
2003/12/10 16:57:18| Starting Squid Cache version 2.5.STABLE1 for i386-redhat-linux-gnu...
2003/12/10 16:57:18| Process ID 3622
2003/12/10 16:57:18| With 1024 file descriptors available
2003/12/10 16:57:18| DNS Socket created at 0.0.0.0, port 32776, FD 5
2003/12/10 16:57:18| Adding nameserver 192.168.1.1 from squid.conf
2003/12/10 16:57:18| Adding nameserver 192.9.9.3 from squid.conf
2003/12/10 16:57:18| Unlinkd pipe opened on FD 10
2003/12/10 16:57:18| Swap maxSize 1024000 KB, estimated 78769 objects
2003/12/10 16:57:18| Target number of buckets: 3938
2003/12/10 16:57:18| Using 8192 Store buckets
2003/12/10 16:57:18| Max Mem size: 131072 KB
2003/12/10 16:57:18| Max Swap size: 1024000 KB
2003/12/10 16:57:18| Rebuilding storage in /var/spool/squid (CLEAN)
2003/12/10 16:57:18| Using Least Load store dir selection
2003/12/10 16:57:18| Set Current Directory to /var/spool/squid
2003/12/10 16:57:18| Loaded Icons.
2003/12/10 16:57:18| Accepting HTTP connections at 192.168.1.1, port 3128, FD 12.
2003/12/10 16:57:18| Accepting ICP messages at 0.0.0.0, port 192, FD 13.
2003/12/10 16:57:18| WCCP Disabled.
2003/12/10 16:57:18| Ready to serve requests.
2003/12/10 16:57:18| Done reading /var/spool/squid swaplog (13 entries)
2003/12/10 16:57:18| Finished rebuilding storage from disk.
2003/12/10 16:57:18| 13 Entries scanned
2003/12/10 16:57:18| 0 Invalid entries.
2003/12/10 16:57:18| 0 With invalid flags.
2003/12/10 16:57:18| 13 Objects loaded.
2003/12/10 16:57:18| 0 Objects expired.
2003/12/10 16:57:18| 0 Objects cancelled.
2003/12/10 16:57:18| 0 Duplicate URLs purged.
2003/12/10 16:57:18| 0 Swapfile clashes avoided.
2003/12/10 16:57:18| Took 0.3 seconds ( 46.3 objects/sec).
2003/12/10 16:57:18| Beginning Validation Procedure
2003/12/10 16:57:18| Completed Validation Procedure
2003/12/10 16:57:18| Validated 13 Entries
2003/12/10 16:57:18| store_swap_size = 88k
2003/12/10 16:57:19| storeLateRelease: released 0 objects
-
What type of connection you are having .. ??
Well here wht i am seeing that your cache is not working at all. As i has asked you earlier . have you initialized the cache before running squid for first time ??
Well.. I think you have not yet updated your squid.conf which i have given you earlier.. ie. you modified squid.conf
I think i have got your problem.. change your following line in squid.conf
http_port 192.168.1.1:3128 to
http_port 3128
also send me your current squid.conf to my pm
-
I want my clients have the same bandwidth .
and if one user is going to download alot of thing he only use his bandwidth
(I have 512Kb receive and 128Kb send , and i have 80 computers for my lan,
then i want all computers have the same bandwidth and some time some of them have more bandwidth than another)
how can i do this?
best regards
-
Well first you need to have your proxy running properly.. then you can later use delay pools to control other stuff on LAN..
Well if you get your proxy optimized at its best you will experience as you are having 1 mbps or faster connection...
-
hi Ricky
did you get my pm ?
I have done the http proxy but i want to know how can i make transparent proxy for it so client do not have to set their browsers for proxy. and they can use other applications like . msn msoutlook etc for them.
I used this code :
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
but i can not brows any page without proxy seeting
and how can i use delay pools ?
best regards.
-
Well i have already answered the question about setting up transparency .. see other threads about squid proxy..
-
hi
when i add this code
route add -net 217.219.1.0 netmask 255.255.255.0 gw X.X.X.X
to my rc.local file , after that with set proxy and without set proxy in client's browser i can brows page ,also if i set wrong ip with wrong port for client's browser i can brows page too !!!
i think client's browser don't use proxy .
without rout add command in rc.local file my clients can not brows any thing and my proxy work well.
what is my problem .
best regards.
-
by using route you are simply using NAT so no transparent proxy. here..
What is transparent proxy.. It means clients sends request to the server instead of sending it to proxy derectly but the server redirect them to proxy.. so here we use NAT+proxy = Transparent proxy..
give a look to this thread... http://www.linuxsolved.com/forums/viewtopic.php?t=86
-
hi Ricky
If your idia is that my proxy and cache is working well , why client can brows page that i deny in squid.conf. ( in server i can not brows deny site )
how can i use route add and clients can not brows deny page in squid.conf
best regards
-
well you are confusing.. as far as i m getting from your available cache.log . your squid is not working or using its cache..
Also you have not sent me your current cache.log (last few lines )as well as your squid.conf .
Well now usage of iptables are better.. they are more versatile ... have you not seen the thread about setting up transparent proxy.. i have given the link..
-
hi Ricky
evry thing is working well.
I am going to write squid.conf and rc.local for you.
tnx for evry thing
-
That will be nice. It will help others to set theirs up too.
Later
Yes, I have been hiding. I have been sick with the "nasty" flu. I'm thinking about going to the Dr. now.
:cry: :cry: :cry:
:D
-
How can I clean my squid cache to start with a clean cache?
-
Hi.. I just don't remember that wht is exact word to do it.. It should like..
/usr/local/squid/sbin/squid -k ????? Well u can do another thing..
that is empty your cache directory and again initialize the cache using
/usr/local/squid/sbin/squid -z