[squid-users] RE: The redirector helpers are crashing too rapidly, need help!

Look in squidGuard.log for the reason SG is crashing. Fix that,
and squid will stay up too.

> -----Original Message-----
> From: owner-squidguard@relay1.tdcnorge.no
> [mailto:owner-squidguard@relay1.tdcnorge.no]On Behalf Of Mark Adams
> Sent: Wednesday, November 09, 2005 11:52 AM
> To: squidguard@squidguard.org
> Subject: The redirector helpers are crashing too rapidly, need help!
>
>
> I am trying to implement squidGuard (1.2.0 Sleepycat
> Software: Berkeley
> DB 4.1.25: (September 17, 2004)) on a server under Squid
> Cache version
> 2.5.STABLE9 for i586-mandrake-linux. I will paste in config
> files below
> for your reference.
>
> My problem is that when I configure squid to start squidGuard, then
> restart the squid service, squid does not run at all.
>
> Normal startup, no squidGuard:
>
> # ps auwx|grep squid
> root 6219 0.0 0.1 5264 1492 ? Ss 08:38
> 0:00 squid -D
> squid 6221 0.0 0.5 8360 5228 ? S 08:38
> 0:00 (squid) -D
> squid 6224 0.0 0.0 1256 264 ? Ss 08:38
> 0:00 (unlinkd)
> root 6262 0.0 0.0 1760 600 pts/0 R+ 08:58
> 0:00 grep squid
>
>
> Startup with squidGuard active (redirect_program
> /usr/bin/squidGuard -c
> /etc/squid/squidGuard.conf -C all):
>
> # ps auwx|grep squid
> root 6314 0.0 0.1 5264 1492 ? Ss 09:00
> 0:00 squid -D
> squid 6360 43.0 0.0 0 0 ? Rs 09:00
> 0:01 [squidGuard]
> squid 6361 0.6 0.1 6044 1580 ? Rs 09:00 0:00
> (squidGuard) -c /etc/squid/squidGuard.conf -C all
> squid 6363 0.3 0.1 5512 1468 ? Rs 09:00 0:00
> (squidGuard) -c /etc/squid/squidGuard.conf -C all
> squid 6364 7.3 0.1 6440 1996 ? Ds 09:00 0:00
> (squidGuard) -c /etc/squid/squidGuard.conf -C all
> squid 6368 7.0 0.1 6440 1996 ? Rs 09:00 0:00
> (squidGuard) -c /etc/squid/squidGuard.conf -C all
> squid 6369 0.3 0.1 4840 1360 ? Rs 09:00 0:00
> (squidGuard) -c /etc/squid/squidGuard.conf -C all
> root 6372 0.0 0.0 1760 596 pts/0 R+ 09:00
> 0:00 grep squid
>
> Then after about 30 seconds:
>
> # ps auwx|grep squid
> root 6406 0.0 0.0 1760 604 pts/0 S+ 09:01
> 0:00 grep squid
>
> And of course, the proxy is unreachable.
>
> ===Here is the log under failure:
>
> # tail -100 /var/log/squid/cache.log
> 2005/11/09 09:00:30| Unlinkd pipe opened on FD 20
> 2005/11/09 09:00:30| Swap maxSize 102400 KB, estimated 7876 objects
> 2005/11/09 09:00:30| Target number of buckets: 393
> 2005/11/09 09:00:30| Using 8192 Store buckets
> 2005/11/09 09:00:30| Max Mem size: 8192 KB
> 2005/11/09 09:00:30| Max Swap size: 102400 KB
> 2005/11/09 09:00:30| Rebuilding storage in /var/spool/squid (CLEAN)
> 2005/11/09 09:00:30| Using Least Load store dir selection
> 2005/11/09 09:00:30| Set Current Directory to /var/spool/squid
> 2005/11/09 09:00:30| Loaded Icons.
> 2005/11/09 09:00:30| Accepting HTTP connections at 0.0.0.0,
> port 8080,
> FD 22.
> 2005/11/09 09:00:30| Accepting HTTP connections at 0.0.0.0,
> port 3128,
> FD 23.
> 2005/11/09 09:00:30| Accepting ICP messages at 0.0.0.0, port
> 3130, FD 24.
> 2005/11/09 09:00:30| Accepting HTCP messages on port 4827, FD 25.
> 2005/11/09 09:00:30| Accepting SNMP messages on port 3401, FD 26.
> 2005/11/09 09:00:30| WCCP Disabled.
> 2005/11/09 09:00:30| Ready to serve requests.
> 2005/11/09 09:00:30| Done reading /var/spool/squid swaplog
> (1227 entries)
> 2005/11/09 09:00:30| Finished rebuilding storage from disk.
> 2005/11/09 09:00:30| 1227 Entries scanned
> 2005/11/09 09:00:30| 0 Invalid entries.
> 2005/11/09 09:00:30| 0 With invalid flags.
> 2005/11/09 09:00:30| 1227 Objects loaded.
> 2005/11/09 09:00:30| 0 Objects expired.
> 2005/11/09 09:00:30| 0 Objects cancelled.
> 2005/11/09 09:00:30| 0 Duplicate URLs purged.
> 2005/11/09 09:00:30| 0 Swapfile clashes avoided.
> 2005/11/09 09:00:30| Took 0.3 seconds (4206.2 objects/sec).
> 2005/11/09 09:00:30| Beginning Validation Procedure
> 2005/11/09 09:00:30| Completed Validation Procedure
> 2005/11/09 09:00:30| Validated 1227 Entries
> 2005/11/09 09:00:30| store_swap_size = 14792k
> 2005/11/09 09:00:31| WARNING: redirector #1 (FD 7) exited
> 2005/11/09 09:00:32| storeLateRelease: released 0 objects
> 2005/11/09 09:00:32| WARNING: redirector #2 (FD 8) exited
> 2005/11/09 09:00:32| WARNING: redirector #3 (FD 9) exited
> 2005/11/09 09:00:32| WARNING: redirector #8 (FD 14) exited
> 2005/11/09 09:00:33| WARNING: redirector #5 (FD 11) exited
> 2005/11/09 09:00:33| Too few redirector processes are running
> 2005/11/09 09:00:33| storeDirWriteCleanLogs: Starting...
> 2005/11/09 09:00:33| Finished. Wrote 1227 entries.
> 2005/11/09 09:00:33| Took 0.0 seconds (1088731.1 entries/sec).
> FATAL: The redirector helpers are crashing too rapidly, need help!
>
> ====SquidGuard.conf (expurgated of all "#"comments):
>
> hosts_file /etc/hosts
>
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
>
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
>
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80
> acl Safe_ports port 21
> acl Safe_ports port 443 563
> acl Safe_ports port 70
> acl Safe_ports port 210
> acl Safe_ports port 1025-65535
> acl Safe_ports port 280
> acl Safe_ports port 488
> acl Safe_ports port 591
> acl Safe_ports port 777
> acl CONNECT method CONNECT
> acl mynetwork src 192.168.1.0/255.255.255.0
>
> http_access allow manager localhost
> http_access allow Safe_ports
> http_access allow !Safe_ports
> http_access allow CONNECT !SSL_ports
> http_access allow mynetwork
>
> http_access allow localhost
>
> http_reply_access allow all
>
> icp_access allow all
>
> visible_hostname shuttle.adams-lan.local
>
> coredump_dir /var/spool/squid
>
> cache_effective_user squid
> cache_effective_group squid
> http_port 8080
> http_port 3128
>
> redirect_program /usr/bin/squidGuard -c
> /etc/squid/squidGuard.conf -C all
>
> ===squidGuard.conf:
>
> logdir /var/log/squidGuard
> dbhome /usr/share/squidGuard-1.2.0/db
>
> dest ads {
> domainlist ads/domains
> urllist ads/urls
> redirect 302:http://web.server.com/1x1.gif
> }
>
> dest aggressive {
> domainlist aggressive/domains
> urllist aggressive/urls
> log blocked.log
> }
>
> dest audio-video {
> domainlist audio-video/domains
> urllist audio-video/urls
> log blocked.log
> }
>
> dest drugs {
> domainlist drugs/domains
> urllist drugs/urls
> log blocked.log
> }
>
> dest gambling {
> domainlist gambling/domains
> urllist gambling/urls
> log blocked.log
> }
>
> dest hacking {
> domainlist hacking/domains
> urllist hacking/urls
> log blocked.log
> }
>
> #dest mail {
> # domainlist mail/domains
> # urllist mail/urls
> # log blocked.log
> #}
>
> dest porn {
> domainlist porn/domains
> urllist porn/urls
> log blocked.log
> }
>
> dest violence {
> domainlist violence/domains
> urllist violence/urls
> log blocked.log
> }
>
> dest warez {
> domainlist warez/domains
> urllist warez/urls
> log blocked.log
> }
>
> #dest local-ok {
> # domainlist custom/local-ok/domains
> # urllist custom/local-ok/urls
> #}
>
> destination local-block {
> domainlist custom/local-block/domains
> urllist custom/local-block/urls
> log blocked.log
> }
>
>
> acl {
> default {
> pass local-ok !local-block !ads !aggressive
> !audio-video !drugs
> !gambling !hacking !porn !violence !warez all
> # !mail not included by default
> redirect
> 302:http://web.server.com/cgi-bin/squidGuard.cgi/?clientaddr=%
> a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
> # redirect
> 302:http://web.server.com/cgi-bin/squidGuard-simple.cgi/?clien
> taddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=
> %t&url=%u
> }
> }
> # clientaddr|clientname|clientident|srcclass|targetclass|url
> # ads aggressive audio-video drugs gambling hacking porn
> violence warez
>
>
> The directory structure under /usr/share/squidGuard-1.2.0/db
> exists and
> seems fine.
>
> ===Ownership and permissions:
>
> # ll /usr/share/squidGuard-1.2.0/db
> total 15
> drwxr-xr-x 2 squid squid 1752 Nov 8 20:08 ads/
> drwxr-xr-x 2 squid squid 184 Jan 21 2005 adult/
> drwxr-xr-x 2 squid squid 96 Jan 21 2005 advertising/
> drwxr-xr-x 2 squid squid 1872 Jan 21 2005 aggressive/
> drwxr-xr-x 2 squid squid 1552 Jan 21 2005 audio-video/
> drwxr-xr-x 2 squid squid 128 Jan 21 2005 banneddestination/
> drwxr-xr-x 2 squid squid 72 Jan 21 2005 bannedsource/
> drwxr-xr-x 2 squid squid 2072 Jan 21 2005 drugs/
> drwxr-xr-x 2 squid squid 184 Jan 21 2005 forums/
> drwxr-xr-x 2 squid squid 752 Jan 21 2005 gambling/
> drwxr-xr-x 2 squid squid 1232 Jan 21 2005 hacking/
> drwxr-xr-x 2 squid squid 72 Jan 21 2005 lansource/
> drwxr-xr-x 2 squid squid 128 Nov 8 17:13 mail/
> drwxr-xr-x 2 squid squid 2184 Nov 8 20:15 porn/
> drwxr-xr-x 2 squid squid 72 Jan 21 2005 privilegedsource/
> drwxr-xr-x 2 squid squid 336 Jan 21 2005 proxy/
> drwxr-xr-x 2 squid squid 184 Jan 21 2005 publicite/
> -rw-r--r-- 1 squid squid 508 Mar 25 2000 README
> drwxr-xr-x 2 squid squid 184 Jan 21 2005 redirector/
> drwxr-xr-x 2 squid squid 72 Jan 21 2005 timerestriction/
> drwxr-xr-x 2 squid squid 304 Jan 21 2005 violence/
> drwxr-xr-x 2 squid squid 992 Jan 21 2005 warez/
> [root@shuttle squid]# ll /var/log/squidGuard
> total 508
> -rw-r----- 1 squid squid 0 Apr 19 2004 advertising.log
> -rw-r----- 1 squid squid 0 Nov 8 17:13 blocked.log
> -rw-r----- 1 squid squid 0 Apr 19 2004 squidGuard.error
> -rw-r----- 1 squid squid 469693 Nov 9 09:00 squidGuard.log
> -rw-r----- 1 squid squid 44603 Nov 9 02:02 squidGuard.log.1.gz
> -rw-r----- 1 squid squid 606 Jan 23 2005 squidGuard.log.2.gz
>
>
> Where else can I look? What else do I need to do to get this thing
> filtering?
>
> Thanks.
>
> --
> Mark E. Adams
> http://adamslan.shyper.com
>
> Random Musing:
> You can observe a lot just by watching. -- Yogi Berra
>
>
>
Received on Wed Nov 09 2005 - 11:25:53 MST