Re: [squid-users] best practice for transparent

From: donovan jeffrey j <donovan_at_beth.k12.pa.us>
Date: Tue, 7 Dec 2010 19:38:03 -0500

On Dec 7, 2010, at 5:13 PM, Amos Jeffries wrote:

> On 08/12/10 05:32, donovan jeffrey j wrote:
>> greetings
>>
>> I recently updated my transparent proxy to sq 3.1.9, which also uses squidguard for url filters.
>
> First "best practice" is to use the right terminology.

Sorry, I forgot we changed that ;)

>
> Your log trace says "Accepting intercepted HTTP connections at 10.0.2.3:3128" So they are NAT interception connections.

Yes, I am using NAT after Squid.

client --- > [ squid ] ----> [ NAT ] --->

>
>
>>
>> This has been bogging down. The browser always says "waiting for google..." or "waiting for www.abc.com".
>> I could have a DNS issue or I could have a cache swap issue or a squidguard issue. I first wanted to make sure that running 3.1.9 transparent is the best version for the job. I had read a while back in a thread that v2.7 might be better than 3.1.x. Can anyone confirm?
>
> 2.7 should not be.
>
> I've not had anyone explicitly mention whether the NAT logic upgrades to 3.x worked or not in Mac. The BSD ones needed some extra fixes which were done back around 3.1.6

So basically 3.1.9 should be fine for my purposes then.

Here is my config. Does anything stand out as wrong, or should anything be adjusted?

# squid.conf
#

#
#
# set logging to the lowest level
debug_options ALL,1

#access to squid and the cache manager
#
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255

acl all src 0.0.0.0/0.0.0.0
acl noc src 10.3.1.0/24 10.135.0.0/16 10.235.0.0/16 10.35.1.0/24
acl admin src 10.139.0.0/16 10.136.0.0/16 10.103.0.0/16
acl hs src 10.150.0.0/16 10.149.0.0/16 10.151.0.0/16 10.152.0.0/16 10.153.0.0/16
acl ms src 10.142.0.0/16 10.140.0.0/16
acl ele src 10.104.0.0/16

#no cache settings
no_cache deny noc
no_cache deny admin
no_cache deny hs
no_cache deny ms
no_cache deny ele
no_cache deny all

http_access allow manager localhost
#http_access allow manager apache
http_access allow noc
http_access allow admin
http_access allow hs
http_access allow ms
http_access allow ele
http_access deny all

#Squid's user and group
cache_effective_user squid squid

#visible hostname
visible_hostname T1-2

# set log directories
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log

# set cache directories of 16GB each
cache_dir ufs /usr/local/squid/var/cache 100 16 256

request_header_max_size 1000 KB

# set the cache memory target for the Squid process
cache_mem 100 MB

http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
#
redirect_program /usr/local/bin/squidGuard
redirect_children 100
client_persistent_connections off
server_persistent_connections off
Received on Wed Dec 08 2010 - 00:38:28 MST
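
An added example, not part of the original post or of the Squid project: a small Python check that scans a squid.conf for the `httpd_accel_*` directives (removed in Squid 2.6, where interception became an `http_port` option), for old directive names that were later renamed, and for an interception setup whose `http_port` lines carry neither `intercept` (3.1) nor `transparent` (2.6 to 3.0). The function name `lint` and the sample text are assumptions made for this illustration; the sample lines are copied from the config above.

```python
# Directives Squid 2.6 removed; interception became an http_port option.
REMOVED = {"httpd_accel_host", "httpd_accel_port",
           "httpd_accel_with_proxy", "httpd_accel_uses_host_header"}
# Old directive name -> current name.
RENAMED = {"redirect_program": "url_rewrite_program",
           "redirect_children": "url_rewrite_children",
           "no_cache": "cache",
           "cache_access_log": "access_log"}
INTERCEPT_FLAGS = {"intercept", "transparent"}  # 3.1 name, 2.6-3.0 name


def lint(conf_text):
    """Return (line_no, message) findings for a squid.conf given as text."""
    findings, ports = [], []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()  # drop comments
        if not tokens:
            continue
        name, args = tokens[0], tokens[1:]
        if name in REMOVED:
            findings.append((no, f"{name}: removed in 2.6, use http_port options"))
        elif name in RENAMED:
            findings.append((no, f"{name}: old name for {RENAMED[name]}"))
        elif name == "http_port":
            ports.append((no, args))
    # An interception proxy needs at least one port flagged for it.
    if ports and not any(INTERCEPT_FLAGS & set(a) for _, a in ports):
        findings.append((ports[0][0], "http_port: no port has the intercept flag"))
    return findings


# Constructed sample: a few directives copied from the posted config.
SAMPLE = """\
no_cache deny all
cache_access_log /var/log/squid/access.log
http_port 3128
httpd_accel_host virtual
httpd_accel_with_proxy on
redirect_program /usr/local/bin/squidGuard
"""

if __name__ == "__main__":
    for no, msg in lint(SAMPLE):
        print(f"line {no}: {msg}")
```

The `http_port` finding only matters for a proxy that is meant to receive NAT-redirected traffic; a plain forward proxy can ignore it.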
