Hi I installed squid and I think I got the squid.conf done right but upon
reboot I get the following errors. Please help if you can.
Sorry for the messege length but I wanted all info I could give you.
Local package initialization:
apache
squid
Dec 15 11:43:14 inferno (squid): ipcache_init: DNS name lookup tests failed.
pid 138 (squid), uid 65534: exited on signal 6
Dec 15 11:43:14 inferno /kernel: pid 138 (squid), uid 65534: exited on
signal 6
sshd: SSH Secure Shell 3.2.0 (non-commercial version) on
i386-portbld-freebsd4.7
sshd
Dec 15 11:43:17 inferno (squid): ipcache_init: DNS name lookup tests failed.
pid 153 (squid), uid 65534: exited on signal 6
Dec 15 11:43:17 inferno /kernel: pid 153 (squid), uid 65534: exited on
signal 6
Dec 15 11:43:20 inferno (squid): ipcache_init: DNS name lookup tests failed.
pid 155 (squid), uid 65534: exited on signal 6
Dec 15 11:43:20 inferno /kernel: pid 155 (squid), uid 65534: exited on
signal 6
Error creating connecting to test proxy
Dec 15 11:43:23 inferno dansguardian: Error creating connection to test
proxy
.
Additional TCP options:
.
Sun Dec 15 11:43:23 MST 2002
Dec 15 11:43:23 inferno (squid): ipcache_init: DNS name lookup tests failed.
pid 167 (squid), uid 65534: exited on signal 6
Dec 15 11:43:23 inferno /kernel: pid 167 (squid), uid 65534: exited on
signal 6
Dec 15 11:43:27 inferno (squid): ipcache_init: DNS name lookup tests failed.
pid 169 (squid), uid 65534: exited on signal 6
Dec 15 11:43:27 inferno /kernel: pid 169 (squid), uid 65534: exited on
signal 6
Dec 15 11:43:27 inferno squid[136]: Exiting due to repeated, frequent
failures
My squid.conf is the following
"/usr/local/etc/squid/squid.conf"
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
acl QUERY urlpath_regex cgi-bin
no_cache deny QUERY
#cache_replacement_policy GDSF
# memory_replacement_policy lru
# cache_dir ufs /usr/local/squid/cache 100 16 256
cache_access_log /dev/null
cache_log /dev/null
cache_store_log none
#Default:
# client_netmask 255.255.255.255
cache_dns_program /usr/local/djbdns-1.05/
# pinger_program /usr/local/libexec/pinger
# redirect_rewrites_host_header on
# request_body_max_size 1 MB
# reply_body_max_size 0
# refresh_pattern ^ftp: 1440 20% 10080
# refresh_pattern ^gopher: 1440 0% 1440
# refresh_pattern . 0 20% 4320
reference_age 1 week
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl outgoing src 192.168.10.1/255.255.255.0
acl smoothie src 192.168.10.1/255.255.255.0
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager
http_access allow localhost
http_access allow outgoing
http_access allow smoothie
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
icp_access allow localhost
icp_access allow smoothie
icp_access deny all
cache_mgr bowen@attbi.com
dns_testnames google.com microsoft.com attbi.com
memory_pools off
# forwarded_for on
# log_icp_queries on
# icp_hit_stale off
# minimum_direct_hops 4
# client_db on
# netdb_low 900
# netdb_high 1000
# netdb_ping_period 5 minutes
query_icmp on
# test_reachability off
# buffered_logs off
# reload_into_ims off
# acl FTP proto FTP
# always_direct allow FTP
#
# NOTE: There is a similar, but opposite option named
# 'never_direct'. You need to be aware that "always_direct deny
# foo" is NOT the same thing as "never_direct allow foo". You
# may need to use a deny rule to exclude a more-specific case of
# some other rule. Example:
#
# acl local-external dstdomain external.foo.net
# acl local-servers dstdomain foo.net
# always_direct deny local-external
# always_direct allow local-servers
#
# This option replaces some v1.1 options such as local_domain
# and local_ip.
#
#Default:
# none
# TAG: never_direct
# Usage: never_direct allow|deny [!]aclname ...
#
# never_direct is the opposite of always_direct. Please read
# the description for always_direct if you have not already.
#
# With 'never_direct' you can use ACL elements to specify
# requests which should NEVER be forwarded directly to origin
# servers. For example, to force the use of a proxy for all
# requests, except those in your local domain use something like:
#
# acl local-servers dstdomain foo.net
# acl all src 0.0.0.0/0.0.0.0
# never_direct deny local-servers
# never_direct allow all
#
# or if squid is inside a firewall and there is local intranet
# servers inside the firewall then use something like:
# acl local-intranet dstdomain foo.net
# acl local-external dstdomain external.foo.net
# always_direct deny local-external
# always_direct allow local-intranet
# never_direct allow all
#
# This option replaces some v1.1 options such as inside_firewall
# and firewall_ip.
#
#Default:
# none
#
# anonymize_headers deny From Referer Server
# anonymize_headers deny User-Agent WWW-Authenticate Link
#
# Or, to reproduce the old 'http_anonymizer paranoid' feature
# you should use:
#
# anonymize_headers allow Allow Authorization Cache-Control
# anonymize_headers allow Content-Encoding Content-Length
# anonymize_headers allow Content-Type Date Expires Host
# anonymize_headers allow If-Modified-Since Last-Modified
# anonymize_headers allow Location Pragma Accept
# anonymize_headers allow Accept-Encoding Accept-Language
# anonymize_headers allow Content-Language Mime-Version
# anonymize_headers allow Retry-After Title Connection
# anonymize_headers allow Proxy-Connection
#
# NOTE: You can not mix "allow" and "deny". All 'anonymize_headers'
# lines must have the same second argument.
#
# By default, all headers are allowed (no anonymizing is
# performed).
#
#Default:
# none
# TAG: snmp_access
# Note: This option is only available if Squid is rebuilt with the
# --enable-snmp option
#
# Allowing or denying access to the SNMP port.
#
# All access to the agent is denied by default.
# usage:
#
# snmp_access allow|deny [!]aclname ...
#
#Example:
# snmp_access allow snmppublic localhost
# snmp_access deny all
#
#Default:
# snmp_access deny all
# TAG: snmp_incoming_address
# Note: This option is only available if Squid is rebuilt with the
# --enable-snmp option
#
# TAG: snmp_outgoing_address
# Note: This option is only available if Squid is rebuilt with the
# --enable-snmp option
#
# Just like 'udp_incoming_address' above, but for the SNMP port.
#
# snmp_incoming_address is used for the SNMP socket receiving
# messages from SNMP agents.
# snmp_outgoing_address is used for SNMP packets returned to SNMP
# agents.
#
# The default snmp_incoming_address (0.0.0.0) is to listen on all
# available network interfaces.
#
# If snmp_outgoing_address is set to 255.255.255.255 (the default)
# then it will use the same socket as snmp_incoming_address. Only
# change this if you want to have SNMP replies sent using another
# address than where this Squid listens for SNMP queries.
#
# NOTE, snmp_incoming_address and snmp_outgoing_address can not have
# the same value since they both use port 3401.
#
#Default:
# snmp_incoming_address 0.0.0.0
# snmp_outgoing_address 255.255.255.255
# TAG: as_whois_server
# WHOIS server to query for AS numbers. NOTE: AS numbers are
# queried only when Squid starts up, not for every request.
#
#Default:
# as_whois_server whois.ra.net
# as_whois_server whois.ra.net
# TAG: wccp_router
# Note: This option is only available if Squid is rebuilt with the
# --enable-wccp option
#
# Use this option to define your WCCP ``home'' router for
# Squid. Setting the 'wccp_router' to 0.0.0.0 (the default)
# disables WCCP.
#
#Default:
# wccp_router 0.0.0.0
# TAG: wccp_version
# Note: This option is only available if Squid is rebuilt with the
# --enable-wccp option
#
# According to some users, Cisco IOS 11.2 only supports WCCP
# version 3. If you're using that version of IOS, change
# this value to 3.
#
#Default:
# wccp_version 4
# TAG: wccp_incoming_address
# Note: This option is only available if Squid is rebuilt with the
# --enable-wccp option
#
# TAG: wccp_outgoing_address
# Note: This option is only available if Squid is rebuilt with the
# --enable-wccp option
#
# wccp_incoming_address Use this option if you require WCCP
# messages to be received on only one
# interface. Do NOT use this option if
# you're unsure how many interfaces you
# have, or if you know you have only one
# interface.
#
# wccp_outgoing_address Use this option if you require WCCP
# messages to be sent out on only one
# interface. Do NOT use this option if
# you're unsure how many interfaces you
# have, or if you know you have only one
# interface.
#
# The default behavior is to not bind to any specific address.
#
# NOTE, wccp_incoming_address and wccp_outgoing_address can not have
# the same value since they both use port 2048.
#
#Default:
# wccp_incoming_address 0.0.0.0
# wccp_outgoing_address 255.255.255.255
# DELAY POOL PARAMETERS (all require DELAY_POOLS compilation option)
# --------------------------------------------------------------------------
--- # TAG: delay_pools # Note: This option is only available if Squid is rebuilt with the # --enable-delay-pools option # # This represents the number of delay pools to be used. For example, # if you have one class 2 delay pool and one class 3 delays pool, you # have a total of 2 delay pools. # # To enable this option, you must use --enable-delay-pools with the # configure script. # #Default: # delay_pools 0 # TAG: delay_class # Note: This option is only available if Squid is rebuilt with the # --enable-delay-pools option # # This defines the class of each delay pool. There must be exactly one # delay_class line for each delay pool. For example, to define two # delay pools, one of class 2 and one of class 3, the settings above # and here would be: # #Example: # delay_pools 2 # 2 delay pools # delay_class 1 2 # pool 1 is a class 2 pool # delay_class 2 3 # pool 2 is a class 3 pool # # The delay pool classes are: # # class 1 Everything is limited by a single aggregate # bucket. # # class 2 Everything is limited by a single aggregate # bucket as well as an "individual" bucket chosen # from bits 25 through 32 of the IP address. # # class 3 Everything is limited by a single aggregate # bucket as well as a "network" bucket chosen # from bits 17 through 24 of the IP address and a # "individual" bucket chosen from bits 17 through # 32 of the IP address. # # NOTE: If an IP address is a.b.c.d # -> bits 25 through 32 are "d" # -> bits 17 through 24 are "c" # -> bits 17 through 32 are "c * 256 + d" # #Default: # none # TAG: delay_access # Note: This option is only available if Squid is rebuilt with the # --enable-delay-pools option # # This is used to determine which delay pool a request falls into. # The first matched delay pool is always used, i.e., if a request falls # into delay pool number one, no more delay are checked, otherwise the # rest are checked in order of their delay pool number until they have # all been checked. For example, if you want some_big_clients in delay # pool 1 and lotsa_little_clients in delay pool 2: # #Example: # delay_access 1 allow some_big_clients # delay_access 1 deny all # delay_access 2 allow lotsa_little_clients # delay_access 2 deny all # #Default: # none # TAG: delay_parameters # Note: This option is only available if Squid is rebuilt with the # --enable-delay-pools option # # This defines the parameters for a delay pool. Each delay pool has # a number of "buckets" associated with it, as explained in the # description of delay_class. For a class 1 delay pool, the syntax is: # #delay_parameters pool aggregate # # For a class 2 delay pool: # #delay_parameters pool aggregate individual # # For a class 3 delay pool: # #delay_parameters pool aggregate network individual # # The variables here are: # # pool a pool number - ie, a number between 1 and the # number specified in delay_pools as used in # delay_class lines. # # aggregate the "delay parameters" for the aggregate bucket # (class 1, 2, 3). # # individual the "delay parameters" for the individual # buckets (class 2, 3). # # network the "delay parameters" for the network buckets # (class 3). # # A pair of delay parameters is written restore/maximum, where restore is # the number of bytes (not bits - modem and network speeds are usually # quoted in bits) per second placed into the bucket, and maximum is the # maximum number of bytes which can be in the bucket at any time. # # For example, if delay pool number 1 is a class 2 delay pool as in the # above example, and is being used to strictly limit each host to 64kbps # (plus overheads), with no overall limit, the line is: # #delay_parameters 1 -1/-1 8000/8000 # # Note that the figure -1 is used to represent "unlimited". # # And, if delay pool number 2 is a class 3 delay pool as in the above # example, and you want to limit it to a total of 256kbps (strict limit) # with each 8-bit network permitted 64kbps (strict limit) and each # individual host permitted 4800bps with a bucket maximum size of 64kb # to permit a decent web page to be downloaded at a decent speed # (if the network is not being limited due to overuse) but slow down # large downloads more significantly: # #delay_parameters 2 32000/32000 8000/8000 600/64000 # # There must be one delay_parameters line for each delay pool. # #Default: # none # TAG: delay_initial_bucket_level (percent, 0-100) # Note: This option is only available if Squid is rebuilt with the # --enable-delay-pools option # # The initial bucket percentage is used to determine how much is put # in each bucket when squid starts, is reconfigured, or first notices # a host accessing it (in class 2 and class 3, individual hosts and # networks only have buckets associated with them once they have been # "seen" by squid). # #Default: # delay_initial_bucket_level 50 # TAG: incoming_icp_average # TAG: incoming_http_average # TAG: incoming_dns_average # TAG: min_icp_poll_cnt # TAG: min_dns_poll_cnt # TAG: min_http_poll_cnt # Heavy voodoo here. I can't even believe you are reading this. # Are you crazy? Don't even think about adjusting these unless # you understand the algorithms in comm_select.c first! # #Default: # incoming_icp_average 6 # incoming_http_average 4 # incoming_dns_average 4 # min_icp_poll_cnt 8 # min_dns_poll_cnt 8 # min_http_poll_cnt 8 # TAG: max_open_disk_fds # To avoid having disk as the I/O bottleneck Squid can optionally # bypass the on-disk cache if more than this amount of disk file # descriptors are open. # # A value of 0 indicates no limit. # #Default: # max_open_disk_fds 0 # TAG: offline_mode # Enable this option and Squid will never try to validate cached # objects. # #Default: # offline_mode off # TAG: uri_whitespace # What to do with requests that have whitespace characters in the # URI. Options: # # strip: The whitespace characters are stripped out of the URL. # This is the behavior recommended by RFC2616. # deny: The request is denied. The user receives an "Invalid # Request" message. # allow: The request is allowed and the URI is not changed. The # whitespace characters remain in the URI. Note the # whitespace is passed to redirector processes if they # are in use. # encode: The request is allowed and the whitespace characters are # encoded according to RFC1738. This could be considered # a violation of the HTTP/1.1 # RFC because proxies are not allowed to rewrite URI's. # chop: The request is allowed and the URI is chopped at the # first whitespace. This might also be considered a # violation. # #Default: # uri_whitespace strip # TAG: broken_posts # A list of ACL elements which, if matched, causes Squid to send # a extra CRLF pair after the body of a PUT/POST request. # # Some HTTP servers has broken implementations of PUT/POST, # and rely on a extra CRLF pair sent by some WWW clients. # # Quote from RFC 2068 section 4.1 on this matter: # # Note: certain buggy HTTP/1.0 client implementations generate an # extra CRLF's after a POST request. To restate what is explicitly # forbidden by the BNF, an HTTP/1.1 client must not preface or follow # a request with an extra CRLF. # #Example: # acl buggy_server url_regex ^http://.... # broken_posts allow buggy_server # #Default: # none # TAG: mcast_miss_addr # Note: This option is only available if Squid is rebuilt with the # -DMULTICAST_MISS_STREAM option # # If you enable this option, every "cache miss" URL will # be sent out on the specified multicast address. # # Do not enable this option unless you are are absolutely # certain you understand what you are doing. # #Default: # mcast_miss_addr 255.255.255.255 # TAG: mcast_miss_ttl # Note: This option is only available if Squid is rebuilt with the # -DMULTICAST_MISS_TTL option # # This is the time-to-live value for packets multicasted # when multicasting off cache miss URLs is enabled. By # default this is set to 'site scope', i.e. 16. # #Default: # mcast_miss_ttl 16 # TAG: mcast_miss_port # Note: This option is only available if Squid is rebuilt with the # -DMULTICAST_MISS_STREAM option # # This is the port number to be used in conjunction with # 'mcast_miss_addr'. # #Default: # mcast_miss_port 3135 # TAG: mcast_miss_encode_key # Note: This option is only available if Squid is rebuilt with the # -DMULTICAST_MISS_STREAM option # # The URLs that are sent in the multicast miss stream are # encrypted. This is the encryption key. # #Default: # mcast_miss_encode_key XXXXXXXXXXXXXXXX # TAG: nonhierarchical_direct # By default, Squid will send any non-hierarchical requests # (matching hierarchy_stoplist or not cachable request type) direct # to origin servers. # # If you set this to off, then Squid will prefer to send these # requests to parents. # # Note that in most configurations, by turning this off you will only # add latency to these request without any improvement in global hit # ratio. # ratio. # # If you are inside an firewall then see never_direct instead of # this directive. # #Default: # nonhierarchical_direct on # TAG: prefer_direct # Normally Squid tries to use parents for most requests. If you by some # reason like it to first try going direct and only use a parent if # going direct fails then set this to off. # # By combining nonhierarchical_direct off and prefer_direct on you # can set up Squid to use a parent as a backup path if going direct # fails. # #Default: # prefer_direct off # TAG: strip_query_terms # By default, Squid strips query terms from requested URLs before # logging. This protects your user's privacy. # #Default: # strip_query_terms on # TAG: coredump_dir # By default Squid leaves core files in the first cache_dir # directory. If you set 'coredump_dir' to a directory # that exists, Squid will chdir() to that directory at startup # and coredump files will be left there. # #Default: # none # TAG: redirector_bypass # When this is 'on', a request will not go through the # redirector if all redirectors are busy. If this is 'off' # and the redirector queue grows too large, Squid will exit # with a FATAL error and ask you to increase the number of # redirectors. You should only enable this if the redirectors # are not critical to your caching system. If you use # redirectors for access control, and you enable this option, # then users may have access to pages that they should not # be allowed to request. # #Default: # redirector_bypass off # TAG: ignore_unknown_nameservers # By default Squid checks that DNS responses are received # from the same IP addresses that they are sent to. If they # don't match, Squid ignores the response and writes a warning # message to cache.log. You can allow responses from unknown # nameservers by setting this option to 'off'. # #Default: # ignore_unknown_nameservers on # TAG: digest_generation # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This controls whether the server will generate a Cache Digest # of its contents. By default, Cache Digest generation is # enabled if Squid is compiled with USE_CACHE_DIGESTS defined. # #Default: # digest_generation on # TAG: digest_bits_per_entry # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This is the number of bits of the server's Cache Digest which # will be associated with the Digest entry for a given HTTP # Method and URL (public key) combination. The default is 5. # #Default: # digest_bits_per_entry 5 # TAG: digest_rebuild_period (seconds) # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This is the number of seconds between Cache Digest rebuilds. # #Default: # digest_rebuild_period 1 hour # TAG: digest_rewrite_period (seconds) # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This is the number of seconds between Cache Digest writes to # disk. # #Default: # digest_rewrite_period 1 hour # TAG: digest_swapout_chunk_size (bytes) # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This is the number of bytes of the Cache Digest to write to # disk at a time. It defaults to 4096 bytes (4KB), the Squid # default swap page. # #Default: # digest_swapout_chunk_size 4096 bytes # TAG: digest_rebuild_chunk_percentage (percent, 0-100) # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This is the percentage of the Cache Digest to be scanned at a # time. By default it is set to 10% of the Cache Digest. # #Default: # digest_rebuild_chunk_percentage 10 # TAG: chroot # Use this to have Squid do a chroot() while initializing. This # also causes Squid to fully drop root privileges after # initializing. This means, for example, that if you use a HTTP # port less than 1024 and try to reconfigure, you will get an # error. # #Default: # none # TAG: client_persistent_connections # TAG: server_persistent_connections # Persistent connection support for clients and servers. By # default, Squid uses persistent connections (when allowed) # with its clients and servers. You can use these options to # disable persistent connections with clients and/or servers. # #Default: # client_persistent_connections on # server_persistent_connections on # TAG: pipeline_prefetch # To boost the performance of pipelined requests to closer # match that of a non-proxied environment Squid tries to fetch # up to two requests in parallell from a pipeline. # #Default: # pipeline_prefetch on # TAG: extension_methods # Squid only knows about standardized HTTP request methods. # You can add up to 20 additional "extension" methods here. # #Default: # none # TAG: high_response_time_warning (msec) # If the one-minute median response time exceeds this value, # Squid prints a WARNING with debug level 0 to get the # administrators attention. The value is in milliseconds. # #Default: # high_response_time_warning 0 # TAG: high_page_fault_warning # If the one-minute average page fault rate exceeds this # value, Squid prints a WARNING with debug level 0 to get # the administrators attention. The value is in page faults # per second. # #Default: # high_page_fault_warning 0 # TAG: high_memory_warning # If the memory usage (as determined by mallinfo) exceeds # value, Squid prints a WARNING with debug level 0 to get # the administrators attention. # #Default: # high_memory_warning 0 # TAG: store_dir_select_algorithm # Set this to 'round-robin' as an alternative. # #Default: # store_dir_select_algorithm least-load # TAG: forward_log # Note: This option is only available if Squid is rebuilt with the # -DWIP_FWD_LOG option # # Logs the server-side requests. # # This is currently work in progress. # #Default: # none # TAG: ie_refresh on|off # Microsoft Internet Explorer up until version 5.5 Service # Pack 1 has an issue with transparent proxies, wherein it # is impossible to force a refresh. Turning this on provides # a partial fix to the problem, by causing all IMS-REFRESH # requests from older IE versions to check the origin server # for fresh content. This reduces hit ratio by some amount # (~10% in my experience), but allows users to actually get # fresh content when they want it. Note that because Squid # cannot tell if the user is using 5.5 or 5.5SP1, the behavior # of 5.5 is unchanged from old versions of Squid (i.e. a # forced refresh is impossible). Newer versions of IE will, # hopefully, continue to have the new behavior and will be # handled based on that assumption. This option defaults to # the old Squid behavior, which is better for hit ratios but # worse for clients using IE, if they need to be able to # force fresh content. # #Default: # ie_refresh off TIA Rick b0w3n@attbi.comReceived on Sun Dec 15 2002 - 12:05:14 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:05 MST