Forum Debian Users Gang

djlinux1992 · 2006-04-22 16:56:19

Witam
Postanowiłem zmniejszyć ruch mojej sieci przez postawienie squida

prosze oto config

Kod:

http_port 8080
cache_mem 8 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
maximum_object_size_in_memory 1 MB
cache_replacement_policy lru
memory_replacement_policy lru
cache_dir ufs /var/spool/squid 200 16 256
cache_access_log /var/log/squid/access.log
cache_store_log /var/log/squid/store.log


#Recommended minimum configuration


acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 631 # cups
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

#Recommended minimum configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Only allow purge requests from localhost
http_access allow purge localhost
http_access deny purge
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
acl ournet src 192.168.1.0/255.255.255.0
http_access allow ournet
ie_refresh on
cache_mgr djlinux92@gmail.com
cache_effective_user squid
cache_effective_group squid
visible_hostname luggage     :)

A popatrzcie na ten ciąg :

Kod:

debian:/# /etc/init.d/./squid stop
Stopping proxy server: squid.
debian:/# /etc/init.d/./squid start
Starting proxy server: squid.
debian:/# /etc/init.d/./squid start
Starting proxy server: squid.

A oczywiście dalej nie działa, nmap zadnego portu nie widzi po włączeniu serwera nawet :(

Niewiem co to może być .... please pomocy ...

guzzi · 2006-04-22 17:27:16

Tu masz działającego.
http://forum.dug.net.pl/viewtopic.php?t=3114&highlight=guzzi+proxy

djlinux1992 · 2006-04-22 18:22:09

Nie no za chiny wpisywałem skopiowałem tamten config lipa przerabiałem go lipa
No i mnie to denerwuje.
Teraz dziwna sprawa niechcacy wkleiłem ten config dwa razy do jednego pliku i odziwo nmap wykrył mojego squida :D ale nie działał bo config był walniety
Czy ten squid taki zawsze czy tylko dla nowicjuszy taki pełny tajemnic?
Może jest jakaś alternatywa?

BiExi · 2006-04-23 19:48:35

Na sam poczatek proponuje Ci przejzec logi co ten squid wypisuje zrub sobie tak w [b]/etc/syslog.conf[/b] dopiszsobie linie

Kod:

*.* -/var/log/all.log

mnastepnie zresetuj demna

Kod:

/etc/init.d/sysklogd restart

na jednej z konsol daj sobie podlad na ogi polecenie

Kod:

tail -f /var/log/all.log

zresetuj squid'a

i powedz nma co Ci logi napisaly

djlinux1992 · 2006-04-24 16:09:34

Dobra sypało coś na początku ze plików nie ma gdzie zapisać , założyłem zachmodowałem i teraz mam takie coś :

Kod:

Apr 24 15:38:39 wojtek squid[17495]: Waiting 30 seconds for active connections to finish 
Apr 24 15:38:39 wojtek squid[17495]: FD 13 Closing HTTP connection 
Apr 24 15:38:39 wojtek squid[17495]: Shutting down... 
Apr 24 15:38:39 wojtek squid[17495]: FD 14 Closing ICP connection 
Apr 24 15:38:39 wojtek squid[17495]: Closing unlinkd pipe on FD 11 
Apr 24 15:38:39 wojtek squid[17495]: storeDirWriteCleanLogs: Starting... 
Apr 24 15:38:39 wojtek squid[17495]:   Finished.  Wrote 0 entries. 
Apr 24 15:38:39 wojtek squid[17495]:   Took 0.0 seconds (   0.0 entries/sec). 
Apr 24 15:38:39 wojtek squid[17495]: Squid Cache (Version 2.5.STABLE9): Exiting normally. 
Apr 24 15:38:39 wojtek squid[17492]: Squid Parent: child process 17495 exited with status 0
Apr 24 15:38:46 wojtek squid[17548]: Squid Parent: child process 17551 started
Apr 24 15:38:46 wojtek squid[17551]: Starting Squid Cache version 2.5.STABLE9 for i386-debian-linux-gnu... 
Apr 24 15:38:46 wojtek squid[17551]: Process ID 17551 
Apr 24 15:38:46 wojtek squid[17551]: With 1024 file descriptors available 
Apr 24 15:38:46 wojtek squid[17551]: DNS Socket created at 0.0.0.0, port 1035, FD 6 
Apr 24 15:38:46 wojtek squid[17551]: Adding nameserver 194.204.152.34 from /etc/resolv.conf 
Apr 24 15:38:46 wojtek squid[17551]: Adding nameserver 194.204.159.1 from /etc/resolv.conf 
Apr 24 15:38:46 wojtek squid[17551]: User-Agent logging is disabled. 
Apr 24 15:38:46 wojtek squid[17551]: Referer logging is disabled. 
Apr 24 15:38:46 wojtek squid[17551]: Unlinkd pipe opened on FD 11 
Apr 24 15:38:46 wojtek squid[17551]: Swap maxSize 204800 KB, estimated 15753 objects 
Apr 24 15:38:46 wojtek squid[17551]: Target number of buckets: 787 
Apr 24 15:38:46 wojtek squid[17551]: Using 8192 Store buckets 
Apr 24 15:38:46 wojtek squid[17551]: Max Mem  size: 8192 KB 
Apr 24 15:38:46 wojtek squid[17551]: Max Swap size: 204800 KB 
Apr 24 15:38:46 wojtek squid[17551]: Local cache digest enabled; rebuild/rewrite every 3600/3600 sec 
Apr 24 15:38:46 wojtek squid[17551]: Rebuilding storage in /var/spool/squid (CLEAN) 
Apr 24 15:38:46 wojtek squid[17551]: Using Least Load store dir selection 
Apr 24 15:38:46 wojtek squid[17551]: Current Directory is / 
Apr 24 15:38:46 wojtek squid[17551]: Loaded Icons. 
Apr 24 15:38:46 wojtek squid[17551]: Accepting HTTP connections at 0.0.0.0, port 8080, FD 13. 
Apr 24 15:38:46 wojtek squid[17551]: Accepting ICP messages at 0.0.0.0, port 3130, FD 14. 
Apr 24 15:38:46 wojtek squid[17551]: HTCP Disabled. 
Apr 24 15:38:46 wojtek squid[17551]: WCCP Disabled. 
Apr 24 15:38:46 wojtek squid[17551]: Ready to serve requests. 
Apr 24 15:38:46 wojtek squid[17551]: Done reading /var/spool/squid swaplog (0 entries) 
Apr 24 15:38:46 wojtek squid[17551]: Finished rebuilding storage from disk. 
Apr 24 15:38:46 wojtek squid[17551]:         0 Entries scanned 
Apr 24 15:38:46 wojtek squid[17551]:         0 Invalid entries. 
Apr 24 15:38:46 wojtek squid[17551]:         0 With invalid flags. 
Apr 24 15:38:46 wojtek squid[17551]:         0 Objects loaded. 
Apr 24 15:38:46 wojtek squid[17551]:         0 Objects expired. 
Apr 24 15:38:46 wojtek squid[17551]:         0 Objects cancelled. 
Apr 24 15:38:46 wojtek squid[17551]:         0 Duplicate URLs purged. 
Apr 24 15:38:46 wojtek squid[17551]:         0 Swapfile clashes avoided. 
Apr 24 15:38:46 wojtek squid[17551]:   Took 0.4 seconds (   0.0 objects/sec). 
Apr 24 15:38:46 wojtek squid[17551]: Beginning Validation Procedure 
Apr 24 15:38:46 wojtek squid[17551]:   Completed Validation Procedure 
Apr 24 15:38:46 wojtek squid[17551]:   Validated 0 Entries 
Apr 24 15:38:46 wojtek squid[17551]:   store_swap_size = 0k 
Apr 24 15:38:47 wojtek squid[17551]: storeLateRelease: released 0 objects

djlinux1992 · 2006-04-24 18:17:13

No qrde może ktoś mi pomoże i powie co może być przyczyną tak "zwalonego squida" - po odpaleniu teraz nmap widzi go ,ale dalej nie działa jako proxy :/
Pomysły?

Lite-ON · 2006-04-24 19:06:58

włączyłeś sobie w przeglądarce proxy? :)
127.0.0.1:8080

vicool · 2006-04-24 20:04:48

mialem kiedys podobny problem ktory rozwiazalem wpisujac w firewalla:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080

vicool · 2006-04-24 20:06:46

no i oczywiscie musisz miec odblokowany port 8080

djlinux1992 · 2006-04-24 20:34:22

Dziekuje BiExi za twój sposób na syslog dla Squida :)
A Tobie vicool za to ,że mi przypomniałeś o firewall'u ,odblokowałem port i śmiga JUPI!!
Normalnie Squid zachrzania aż miło :)

Time (s)	Query
0.00020	SET CHARSET latin2
0.00008	SET NAMES latin2
0.00159	SELECT u., g., o.logged FROM punbb_users AS u INNER JOIN punbb_groups AS g ON u.group_id=g.g_id LEFT JOIN punbb_online AS o ON o.ident='3.144.6.9' WHERE u.id=1
0.00129	REPLACE INTO punbb_online (user_id, ident, logged) VALUES(1, '3.144.6.9', 1738363622)
0.00067	SELECT * FROM punbb_online WHERE logged<1738363322
0.00053	SELECT topic_id FROM punbb_posts WHERE id=26711
0.00012	SELECT id FROM punbb_posts WHERE topic_id=3377 ORDER BY posted
0.00069	SELECT t.subject, t.closed, t.num_replies, t.sticky, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, 0 FROM punbb_topics AS t INNER JOIN punbb_forums AS f ON f.id=t.forum_id LEFT JOIN punbb_forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=3) WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id=3377 AND t.moved_to IS NULL
0.00007	SELECT search_for, replace_with FROM punbb_censoring
0.00111	SELECT u.email, u.title, u.url, u.location, u.use_avatar, u.signature, u.email_setting, u.num_posts, u.registered, u.admin_note, p.id, p.poster AS username, p.poster_id, p.poster_ip, p.poster_email, p.message, p.hide_smilies, p.posted, p.edited, p.edited_by, g.g_id, g.g_user_title, o.user_id AS is_online FROM punbb_posts AS p INNER JOIN punbb_users AS u ON u.id=p.poster_id INNER JOIN punbb_groups AS g ON g.g_id=u.group_id LEFT JOIN punbb_online AS o ON (o.user_id=u.id AND o.user_id!=1 AND o.idle=0) WHERE p.topic_id=3377 ORDER BY p.id LIMIT 0,25
0.00136	UPDATE punbb_topics SET num_views=num_views+1 WHERE id=3377
Total query time: 0.00771 s

Forum Debian Users Gang

Ogłoszenie

#1 2006-04-22 16:56:19

djlinux1992 - Użytkownik

Squid jak go zmusić do działania?

Kod:

Kod:

#2 2006-04-22 17:27:16

guzzi - Członek DUG

Re: Squid jak go zmusić do działania?

#3 2006-04-22 18:22:09

djlinux1992 - Użytkownik

Re: Squid jak go zmusić do działania?

#4 2006-04-23 19:48:35

BiExi - matka przelozona

Re: Squid jak go zmusić do działania?

Kod:

Kod:

Kod:

#5 2006-04-24 16:09:34

djlinux1992 - Użytkownik

Re: Squid jak go zmusić do działania?

Kod:

#6 2006-04-24 18:17:13

djlinux1992 - Użytkownik

Re: Squid jak go zmusić do działania?

#7 2006-04-24 19:06:58

Lite-ON - Członek DUG

Re: Squid jak go zmusić do działania?

#8 2006-04-24 20:04:48

vicool - Użytkownik

Re: Squid jak go zmusić do działania?

#9 2006-04-24 20:06:46

vicool - Użytkownik

Re: Squid jak go zmusić do działania?

#10 2006-04-24 20:34:22

djlinux1992 - Użytkownik

Re: Squid jak go zmusić do działania?

Stopka forum

Informacje debugowania