Re: [squid-users] squid not caching anything to disk (or memory either) (still)

Hello all,
Thanks for your response Pujo,
Unfortunately, though your suggestion makes perfect sense, it has not
fixed the problem!
I removed 'proxy-only' from the cache_peer line and squid is still doing
no caching at all.

In addition, and since my first post, I have tried some other things to
get caching going:
 - used gentoo to install a newer version of squid: 2.6STABLE5 >> made
no difference
 - performed a manual compile and install of squid 2.6STABLE5 to
/usr/local/squid >> which ran fine, but still has the same no caching
problem
 - we are now pointing it to an internal (windoze) server as the
cache_peer while we sort out this problem.

To reiterate:
 - squid is not caching at all > all store.log entries show "RELEASE -1
FFFFFFFF"
 - proxying and authentication are working fine
 - cache_dir permissions are 775, user squid, group squid
 - squid -z shows no errors
version, config and log snippets below....

config:

http_port 172.16.0.5:3128
icp_port 0
cache_peer 172.16.2.29 parent 8081 0 no-query no-digest default
login=squid:squidpass
acl QUERY urlpath_regex cgi-bin /?
no_cache deny QUERY
cache_mem 32 MB
maximum_object_size 4096 KB
maximum_object_size_in_memory 128 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir ufs /cache/squid 4096 16 256
access_log /var/log/squid/access.log squid
debug_options ALL,1
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 100
auth_param ntlm keep_alive on
auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 20
auth_param basic realm MGC Internet via Kleio > ntlm basic
auth_param basic credentialsttl 60 seconds
external_acl_type check_group ttl=30 children=50 %LOGIN
/usr/lib/squid/wbinfo_group.pl
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 10000 10001 10002 10003 10004 10005 10006
10007 10008 10009 10010
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 10000 10001 10002 10003 10004 10005 10006
10007 10008 10009 10010 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
acl mgc_hosts dst 172.16.0.0/255.255.0.0
acl local_hosts src 172.16.0.0/16 10.159.194.0/24
acl mgc dstdomain .melbourne-girls-co.edu.vic.gov.au
acl deet dstdomain .education.vic.gov.au .eduweb.vic.gov.au
.edumail.vic.gov.au .sofweb.vic.gov.au .det.vic.gov.au .tafe.vic.gov.au
.acfe.vic.gov.au .mpb.vic.gov.au .vass.vic.edu.au .vicone.net.au
.vcaa.vic.edu.au .vqa.vic.gov.au .vlesc.vic.gov.au
acl deet_hosts dst 10.0.0.0/255.0.0.0
acl authorised external check_group proxy_users
acl authenticated proxy_auth REQUIRED
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow authorised authenticated local_hosts
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
cache_effective_user squid
cache_effective_group squid
visible_hostname kleio.melboure-girls-co.edu.vic.gov.au
always_direct allow mgc
always_direct allow mgc_hosts
always_direct allow deet
always_direct allow deet_hosts
never_direct allow all
strip_query_terms off
coredump_dir /var/cache/squid

version:

Squid Cache: Version 2.6.STABLE5
configure options: '--prefix=/usr' '--bindir=/usr/bin'
'--exec-prefix=/usr' '--sbindir=/usr/sbin' '--localstatedir=/var'
'--mandir=/usr/share/man' '--sysconfdir=/etc/squid'
'--libexecdir=/usr/lib/squid' '--datadir=/usr/share/squid'
'--enable-auth=basic,digest,ntlm' '--enable-removal-policies=lru,heap'
'--enable-digest-auth-helpers=password'
'--enable-basic-auth-helpers=YP,SASL,PAM,LDAP,getpwnam,NCSA,SMB,MSNT,multi-domain-NTLM'
'--enable-external-acl-helpers=ldap_group,ip_user,session,unix_group,wbinfo_group'
'--enable-ntlm-auth-helpers=SMB,fakeauth' '--enable-ident-lookups'
'--enable-useragent-log' '--enable-cache-digests' '--enable-delay-pools'
'--enable-referer-log' '--enable-arp-acl' '--with-pthreads'
'--with-large-files' '--enable-htcp' '--enable-carp'
'--enable-follow-x-forwarded-for' '--disable-snmp' '--enable-ssl'
'--host=i686-pc-linux-gnu' '--enable-storeio=ufs,diskd,coss,aufs,null'
'--enable-async-io' '--enable-linux-netfilter' '--enable-epoll'
'CC=i686-pc-linux-gnu-gcc' 'CFLAGS=-O2 -march=pentium3
-fomit-frame-pointer' 'host_alias=i686-pc-linux-gnu'

cache.log after -k reconfigure:

  got NTLMSSP command 3, expected 1
[2006/12/08 08:39:08, 1] libsmb/ntlmssp.c:ntlmssp_update(267)
  got NTLMSSP command 3, expected 1
[2006/12/08 08:43:25, 1] libsmb/ntlmssp.c:ntlmssp_update(267)
  got NTLMSSP command 3, expected 1
2006/12/08 08:50:00| Reconfiguring Squid Cache (version 2.6.STABLE5)...
2006/12/08 08:50:00| FD 182 Closing HTTP connection
2006/12/08 08:50:00| Closing unlinkd pipe on FD 180
2006/12/08 08:50:00| Cache dir '/cache/squid' size remains unchanged at
4194304 KB
2006/12/08 08:50:00| Initialising SSL.
2006/12/08 08:50:00| User-Agent logging is disabled.
2006/12/08 08:50:00| Referer logging is disabled.
2006/12/08 08:50:00| DNS Socket created at 0.0.0.0, port 32775, FD 7
2006/12/08 08:50:00| Adding nameserver 172.16.2.12 from /etc/resolv.conf
2006/12/08 08:50:00| Adding nameserver 10.180.1.1 from /etc/resolv.conf
2006/12/08 08:50:00| helperStatefulOpenServers: Starting 100 'ntlm_auth'
processes
2006/12/08 08:50:04| helperOpenServers: Starting 20 'ntlm_auth' processes
2006/12/08 08:50:05| helperOpenServers: Starting 50 'wbinfo_group.pl'
processes
2006/12/08 08:50:06| Unlinkd pipe opened on FD 182
2006/12/08 08:50:06| Accepting proxy HTTP connections at 172.16.0.5,
port 3128, FD 179.
2006/12/08 08:50:06| HTCP Disabled.
2006/12/08 08:50:06| WCCP Disabled.
2006/12/08 08:50:06| Configuring Parent 172.16.2.29/8081/0
2006/12/08 08:50:06| Loaded Icons.
2006/12/08 08:50:06| Ready to serve requests.

store.log:

1165528254.638 RELEASE -1 FFFFFFFF 137EFECED1A3252553245634378FAC4B 200
1165528319 1087879943 -1 image/gif 3911/3911 GET
http://www.funtrivia.com/img/cat/5/18.gif
1165528261.722 RELEASE -1 FFFFFFFF A0619B91272D1387C1F87DE18B8F6DBA 407
1165528261 0 1165528261 text/html 1422/1422 GET
http://crl.thawte.com/ThawtePremiumServerCA.crl
1165528261.757 RELEASE -1 FFFFFFFF DC0B707A56B14F7D60A5083D46B2A91A 407
1165528261 0 1165528261 text/html 1422/1422 GET
http://crl.thawte.com/ThawtePremiumServerCA.crl
1165528264.863 RELEASE -1 FFFFFFFF 1AC3613A69520A40159E8BB198ED3731 407
1165528264 0 1165528264 text/html 1608/1608 GET
http://au.update.companion.yahoo.com/slv/v6/not?.ta=cgnone,ccnone,ciau,cv6_2_3&.ids=200,&t=1165528281
1165528264.875 RELEASE -1 FFFFFFFF 8E2A42747A601587365483807C8DD571 407
1165528264 0 1165528264 text/html 1608/1608 GET
http://au.update.companion.yahoo.com/slv/v6/not?.ta=cgnone,ccnone,ciau,cv6_2_3&.ids=200,&t=1165528281
1165528264.886 RELEASE -1 FFFFFFFF AE31994C6C5E36A7386F590536BBE884 407
1165528264 0 1165528264 text/html 1608/1608 GET
http://au.update.companion.yahoo.com/slv/v6/not?.ta=cgnone,ccnone,ciau,cv6_2_3&.ids=200,&t=1165528281
1165528270.200 RELEASE -1 FFFFFFFF 5C8720AADCDFE5AC0582EEF60C7FD084 200
1165523772 1165489455 -1 application/pkix-crl 312774/312774 GET
http://crl.thawte.com/ThawtePremiumServerCA.crl
1165528270.401 RELEASE -1 FFFFFFFF 6D065D6D6D7218090F9AE61983BB334D 407
1165528270 0 1165528270 text/html 1416/1416 GET
http://crl.thawte.com/ThawteCodeSigningCA.crl

pujo mulyono wrote:
> see this line in your squid.conf :
> cache_peer 203.12.22.34 parent 8080 0 proxy-only no-query default
>
> means all object get from parent proxy would not saved to local disk. in other
> side, your squid standart configuration will bypass parent for all non cached
> object, so there is no cached file on your squid machine. if you want squid
> caching object then you must delete option proxy-only from parent proxy above
>
> --- Jason Maher <maher.jason.b@edumail.vic.gov.au> wrote:
>
>
>> Hello,
>> I'm having a problem with squid that I have been unable to solve through
>> the FAQ or reading the mailing list.
>>
>> Squid is not caching any files at all.
>>
>> It looks as though all objects are being released from memory immediately.
>> Everything else (acls, authentication, proxying) is working fine.
>> The system is a fairly fresh Gentoo server, with gentoo's version of
>> squid 2.6 stable 4 installed (see below for squid -v)
>> The system is also running NAT for the network, but since proxying is
>> working I don't imagine this is an issue
>> The swapfile/cache is on a separate reiserfs formatted harddisk mounted
>> on /cache. I tested moving the the cache to /var/cache/squid (on the /
>> filesystem) and it made no difference.
>> The group and owner for /cache/squid are 'squid' and the permissions are 770
>> Running squid -z produces no errors.
>>
>> I am hoping that this is a simple config error :-)
>>
>> Details follow.....
>>
>>
>> /etc/squid/squid.conf (comments grepped out)
>>
>> http_port 172.16.0.5:3128
>> icp_port 0
>> cache_peer 203.12.22.34 parent 8080 0 proxy-only no-query default
>>
>>
>
> regards,
> Pudjo
>
>
>
> ____________________________________________________________________________________
> Do you Yahoo!?
> Everyone is raving about the all-new Yahoo! Mail beta.
> http://new.mail.yahoo.com
>

Important - This email and any attachments may be confidential. If received in error, please contact us and delete all copies. Before opening or using attachments check them for viruses and defects. Regardless of any loss, damage or consequence, whether caused by the negligence of the sender or not, resulting directly or indirectly from the use of any attached files our liability is limited to resupplying any affected attachments. Any representations or opinions expressed are those of the individual sender, and not necessarily those of the Department of Education & Training.
Received on Thu Dec 07 2006 - 15:08:06 MST