RE: [squid-users] Upgrading SQUID from 3.1.6 to 3.1.23 - not working-

Hi,

So I tried to replace the Debian SQUID3 3.1.6 binary with my build of SQUID 3.1.23 and had *no luck*.
3.1.23 ask for a missing files mime.conf, wich I created empty. Stopped 3.1.6 and Dansguardian, starded 3.1.23 with the init.d script and started DANSGUARDIAN and.... Nothing at all. No connexion *at all*, no traces in access.log. Only in /var/log/messages:

Apr 2 18:32:13 metis squid[4370]: Squid Parent: child process 4372 started
Apr 2 18:32:13 metis squid[4370]: Squid Parent: child process 4372 exited with status 1
Apr 2 18:32:16 metis squid[4370]: Squid Parent: child process 4392 started
Apr 2 18:32:16 metis squid[4370]: Squid Parent: child process 4392 exited with status 1
Apr 2 18:32:19 metis squid[4370]: Squid Parent: child process 4407 started
Apr 2 18:32:19 metis squid[4370]: Squid Parent: child process 4407 exited with status 1
Apr 2 18:32:22 metis squid[4370]: Squid Parent: child process 4430 started
Apr 2 18:32:22 metis squid[4370]: Squid Parent: child process 4430 exited with status 1
Apr 2 18:32:25 metis squid[4370]: Squid Parent: child process 4445 started
Apr 2 18:32:25 metis squid[4370]: Squid Parent: child process 4445 exited with status 1

No much debug available...

/etc/init.d>squid3 -v
Squid Cache: Version 3.1.6
configure options: '--build=i486-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' '--srcdir=.' '--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3' '--mandir=/usr/share/man' '--with-cppunit-basedir=/usr' '--enable-inline' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-underscores' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM' '--enable-ntlm-auth-helpers=smb_lm,' '--enable-digest-auth-helpers=ldap,password' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group' '--enable-arp-acl' '--enable-esi' '--disable-translation' '--with-logdir=/var/log/squid3' '--with-pidfile=/var/run/squid3.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-linux-netfilter' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -g -Wall -O2' 'LDFLAGS=' 'CPPFLAGS=' 'CXXFLAGS=-g -O2 -g -Wall -O2' --with-squid=/build/buildd-squid3_3.1.6-1.2+squeeze1-i386-_y3HlV/squid3-3.1.6
root_at_metis (0) mar. avril 02 18:20:16
/etc/init.d>squid -v
Squid Cache: Version 3.1.23
configure options: '--build=i486-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' '--srcdir=.' '--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3' '--mandir=/usr/share/man' '--with-cppunit-basedir=/usr' '--enable-inline' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-underscores' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,,getpwnam,squid_radius_auth,multi-domain-NTLM' '--enable-ntlm-auth-helpers=smb_lm,' '--enable-digest-auth-helpers=ldap,password' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group' '--enable-arp-acl' '--enable-esi' '--disable-translation' '--with-logdir=/var/log/squid3' '--with-pidfile=/var/run/squid3.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-linux-netfilter' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -g -Wall -O2' 'LDFLAGS=' 'CPPFLAGS=' 'CXXFLAGS=-g -O2 -g -Wall -O2' --with-squid=/home/sysres01/squid3/squid-3.1.23
root_at_metis (0) mar. avril 02 18:22:44

Squid.conf
/etc/init.d>more /etc/squid3/squid.conf
http_port 3128
cache_peer 127.0.0.1 parent 8080 7 no-query no-digest no-netdb-exchange
acl NOBEL url_regex -i "/etc/squid3/nocache.url"
cache deny NOBEL
cache_mem 512 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 32 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 256 KB
# 256 KB
ipcache_size 4096
ipcache_low 90
ipcache_high 95
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
cache_dir ufs /var/spool/squid3 3120 16 256
cache_access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
cache_store_log none
emulate_httpd_log off
log_mime_hdrs off
debug_options ALL,1 33,0 29,1
log_fqdn on
client_netmask 255.255.255.255
#ftp_user proxy_at_XXXXXXX
#ftp_list_width 128
#ftp_passive on
#ftp_sanitycheck on
dns_retransmit_interval 2 seconds
#JV 18/10/2011 pour corsica
dns_timeout 20 secondes
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 8
auth_param basic realm XXXXX.INTRA
auth_param basic credentialsttl 4 hours
auth_param basic casesensitive off
external_acl_type ad_group %LOGIN /usr/lib/squid3/wbinfo_group.pl
authenticate_cache_garbage_interval 1 hour
authenticate_ttl 1 hour
authenticate_ip_ttl 3600 seconds
request_header_max_size 200 KB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min -1 KB
quick_abort_max 128 KB
quick_abort_pct 95
negative_ttl 1 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 2 minute
range_offset_limit 0 KB
connect_timeout 4 minute
request_timeout 5 minutes
persistent_request_timeout 60 second
shutdown_lifetime 10 seconds
#acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl SSL_ports port 8000 # https
acl SSL_ports port 8080 # https
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 4280 # http
acl Safe_ports port 8000 8080 # http
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny CONNECT !SSL_ports
http_access allow CONNECT SSL_ports
acl proxy dst 192.168.1.5/32
http_access allow proxy
http_access deny to_localhost
acl Authenticated proxy_auth REQUIRED
acl directaccess external ad_group www-directaccess
acl activefilter external ad_group www-activefilter
acl directurls dstdomain "/etc/squid3/directurls"
http_access allow directurls
always_direct allow directurls
http_access allow localhost
acl restrictedfilter01 external ad_group www-restricted01
acl restrictedfilter02 external ad_group www-restricted02
acl goodsites01 url_regex "/etc/squid3/contentlist01"
acl goodsites02 url_regex "/etc/squid3/contentlist02"
http_access deny !Safe_ports activefilter
http_access deny !Safe_ports restrictedfilter01
http_access deny !Safe_ports restrictedfilter02
http_access allow goodsites01 restrictedfilter01
http_access allow goodsites02 restrictedfilter02
http_access allow directaccess
always_direct allow directaccess
http_access allow activefilter
http_access allow directaccess SSL_ports
http_access allow activefilter SSL_ports
http_access deny restrictedfilter01
http_access deny restrictedfilter02
http_access deny !Authenticated !localhost
http_access deny all
http_reply_access allow all
icp_access allow all
#cache_peer_access puck allow activefilter
#cache_peer_access puck deny all
reply_header_max_size 20 KB
cache_mgr exploitation_dsi_at_belambra.fr
cache_effective_user proxy
cache_effective_group proxy
visible_hostname belambra
cachemgr_passwd proxyvvfmgr all
always_direct allow localhost
always_direct allow directurls
never_direct allow activefilter
forwarded_for off
never_direct deny all
error_directory /var/hera/squiderrors
coredump_dir /var/spool/squid3
client_persistent_connections on
server_persistent_connections on
detect_broken_pconn on
pipeline_prefetch on

Jérôme VERNET
BELAMBRA HOLDING
Responsable Réseaux et Télécoms
01 77 70 93 56 - 06 87 75 72 07

-----Message d'origine-----
De : Eliezer Croitoru [mailto:eliezer_at_ngtech.co.il]
Envoyé : vendredi 29 mars 2013 12:01
À : squid-users_at_squid-cache.org
Objet : Re: [squid-users] Upgrading SQUID from 3.1.6 to 3.1.23

On 03/28/2013 07:02 PM, Vernet Jerome wrote:
> My question: can I simply:
> -stop SQUID3/dansguardian
> -swap binary (/usr/sbin/squid3) with the new version -start
> SQUID3/dansguardian ?
>
> Is there something to put somewhere else ? Helpers ?
>
> Will it work like that ? If something fail, can I simply get the old squid3(.1.6) binary ?
>
> Furthermore, upgrading from 3.1 to 3.2 (and may be 3.3) is a difficult task ? Is it worth ?
>
> Thanks for help
What?
I cannot understand what you have done.

restarted?
can you please share iptables + squid.conf + "squid -v".

how are you using dansguardian + squid exactly?

Thanks,
Eliezer
Received on Tue Apr 02 2013 - 16:43:52 MDT