[squid-users] Re: about the squid.....transparent...!!!

I suspect your iptables ruleset is disturbing Squid when Squid tries to talk
to it's redirectors on the loop back interface (127.0.0.1). Quite likely also
disturbs Squid when Squid tries to fetch the content.

Or your redirect_program is not working correctly.

Regards
Henrik

Á¤Áø¿õ wrote:
> First we give thanks at the reply.
>
> To solve short yeongujiman problem. We write the text in this way.
>
> >We need a little more information on your problem to be able to help
>
> you.
>
> squid version 2.4STABLES
> iptables version 1.2.5-3
>
> >1. What error do you experience?
>
> A web contents is not opened to the be normal when use the
> transparent facility.
> The access.log is piled up so that it is simple ( or not
> piled up )
> And then, cache.log was continuously updated ( like the
> below file - cache.log )
> Squid processor is continuously restart.
>
> >2. Is it specific to accessing some sites, or all?
>
> We are applied to all site.
>
> >3. How have you configured Squid?
>
> See the below file - /etc/squid/squid.conf
>
> >4. Is there any relevant information in cache.log or access.log?
>
> # vi /var/log/squid/cache.log
>
> 2002/04/23 18:09:05| WARNING: redirector #1 (FD 21) exited
> 2002/04/23 18:09:06| WARNING: redirector #2 (FD 22) exited
> 2002/04/23 18:09:06| WARNING: redirector #3 (FD 23) exited
> 2002/04/23 18:09:06| WARNING: redirector #4 (FD 24) exited
> 2002/04/23 18:09:06| storeDirWriteCleanLogs: Starting...
> 2002/04/23 18:09:06| WARNING: Closing open FD 31
> 2002/04/23 18:09:06| Finished. Wrote 84 entries.
> 2002/04/23 18:09:06| Took 0.0 seconds (65015.5 entries/sec).
> FATAL: Too few redirector processes are running
> Squid Cache : Terminated abnormally.
> CPU Usage: 0.120 seconds = 0.010 user + 0.110 sys
> Maximum Resident Size: 0 KB
> Page faults with physical i/o: 339
> Memory usage for squid via mallinfo():
> total space in arena: 2378 KB
> Ordinary blocks: 2358 KB 3 blks
> Small blocks: 0 KB 0 blks
> Holding blocks: 176 KB 1 blks
> Free Small blocks: 0 KB
> Free Ordinary blocks: 20 KB
> Total in use: 2534 KB 107%
> Total free: 20 KB 1%
> 2002/04/23 18:09:09| Starting Squid Cache for i686-pc-linux-gnu.
> ..
> 2002/04/23 18:09:09| Process ID 16930
> 2002/04/23 18:09:09| With 1024 file descriptors available
> 2002/04/23 18:09:09| helperOpenServers: Starting 16 'diskd' processes
> 2002/04/23 18:09:09| helperOpenServers: Starting 5 'squidguardl'
> processes
> 2002/04/23 18:09:09| Unlinkd pipe opened on FD 29
> 2002/04/23 18:09:09| Swap maxSize 102400 KB, estimated 7876 objects
> 2002/04/23 18:09:09| Target number of buckets: 393
> 2002/04/23 18:09:09| Using 8192 Store buckets
> 2002/04/23 18:09:09| Max Mem size: 16384 KB
> 2002/04/23 18:09:09| Max Swap size: 102400 KB
> 2002/04/23 18:09:09| Rebuilding storage in /var/spool/squid (CLEAN)
> 2002/04/23 18:09:09| Using Least Load store dir selection
> 2002/04/23 18:09:09| Set Current Directory to /var/spool/squid
> 2002/04/23 18:09:09| Loaded Icons.
> 2002/04/23 18:09:09| Accepting HTTP connections at 0.0.0.0, port 8080,
> FD 31.
> 2002/04/23 18:09:09| Accepting ICP messages at 0.0.0.0, port 3130, FD
> 32.
> 2002/04/23 18:09:09| Accepting SNMP messages on port 3401, FD 33.
> 2002/04/23 18:09:09| WCCP Disabled.
> 2002/04/23 18:09:09| Ready to serve requests.
> 2002/04/23 18:09:09| Done reading /var/spool/squid swaplog (84 entries)
> 2002/04/23 18:09:09| Finished rebuilding storage from disk.
> 2002/04/23 18:09:09| 84 Entries scanned
> 2002/04/23 18:09:09| 0 Invalid entries.
> 2002/04/23 18:09:09| 0 With invalid flags.
> 2002/04/23 18:09:09| 84 Objects loaded.
> 2002/04/23 18:09:09| 0 Objects expired.
> 2002/04/23 18:09:09| 0 Objects cancelled.
> 2002/04/23 18:09:09| 0 Duplicate URLs purged.
> 2002/04/23 18:09:09| 0 Swapfile clashes avoided.
> 2002/04/23 18:09:09| Took 0.4 seconds ( 204.7 objects/sec).
> 2002/04/23 18:09:09| Beginning Validation Procedure
> 2002/04/23 18:09:09| Completed Validation Procedure
> 2002/04/23 18:09:09| Validated 84 Entries
> 2002/04/23 18:09:09| store_swap_size = 984k
> 2002/04/23 18:09:10| storeLateRelease: released 0 objects
>
>
>
> vi /etc/squid/squid.conf
>
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> #http_access deny all
> http_access allow all
> icp_access allow all
> http_port 8080
> httpd_accel_host virtual
> httpd_accel_port 80
> httpd_accel_with_proxy on
> httpd_accel_uses_host_header on
>
> On Monday 22 April 2002 03:09, A¢´A©ª¢¯o wrote:
> > Hello.
> > There is many suffering in sultry weather.
> > Different no.
> > We discovered the bug while we are using the squid.
> >
> >
> > Bug : 2.4STABLES Version.
> > The error happens when it uses a transparent facility.
> >
> >
> > The solution plan :
> >
> > We sent the while day with much time but we could not
> > find the plan to solve.
> > Therefore we send the mail in this way.
> > To solve the problem, We send the text in this way
>
> though
>
> > we are short Engilsh.
> >
> >
> >
> >
> >
> >
> > The scenario.
> >
> > To apply a transparent facility to the privatel network.
> > We added a next's content to a next's file.
> >
> >
> > 1. /etc/squid/squid.conf
> >
> > ...
> > http_port 8080
> > httpd_accel_host virtual
> > httpd_accel_port 80
> > httpd_accel_with_proxy on
> > httpd_accel_uses_host_header on
> > ...
> >
> > 2. We made a "C" class private network
> >
> > # ifconfig
> >
> > eth0
> >
> > eth1
> > inet addr:192.168.10.1 Bcast:192.168.34.255
> > Mask:255.255.255.0
> > UP BROADCAST RUNNING MULTICAST MTU:1500
> > Metric:1
> >
> >
> >
> >
> > 3. We used an iptables command.
> >
> > iptalbes -t nat -A PREROUTING -p tcp -d !
> > squid-servier- IP --dport 80 -j REDIRECT --to-port 8080
> > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> >
> >
> > A problem occurrence .
> >
> > Computers can not use Internet properly in private
> > network. We could use the squid without the inconvenience when we
> > do not use this facility.
> > This problem thinks that we are a squid bug.
> > We want to know the method to solve this problem.
Received on Tue Apr 23 2002 - 08:50:51 MDT