squid 3x erro

alan inacio alanbrawdebian at gmail.com
Thu Oct 30 11:57:02 UTC 2014


Srs. Bom dia.
Estou montando um servidor cache.
Cenário link adsl 2mb isso mesmo 2 mb infelizmente não temos outra opção de
link, Divido a internet com 11 pessoas a ideia não é fazer bloqueios por
enquanto rs mas sim aumentar a performance da internet o servidor já esta
em produção.

Porem esta gerando erros sempre que inicio o serviço do squid

oot at SRV-CACHE:~# service squid3 restart
Restarting Squid HTTP Proxy 3.x: squid3 Waiting.....................done.
Creating Squid HTTP Proxy 3.x cache structure ... (warning).
2014/10/29 21:41:18| Creating Swap Directories
2014/10/29 21:41:18| /var/cache/squid3 exists
2014/10/29 21:41:18| /var/cache/squid3/00 exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/00
2014/10/29 21:41:18| /var/cache/squid3/01 exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/01
2014/10/29 21:41:18| /var/cache/squid3/02 exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/02
2014/10/29 21:41:18| /var/cache/squid3/03 exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/03
2014/10/29 21:41:18| /var/cache/squid3/04 exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/04
2014/10/29 21:41:18| /var/cache/squid3/05 exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/05
2014/10/29 21:41:18| /var/cache/squid3/06 exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/06
2014/10/29 21:41:18| /var/cache/squid3/07 exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/07
2014/10/29 21:41:18| /var/cache/squid3/08 exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/08
2014/10/29 21:41:18| /var/cache/squid3/09 exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/09
2014/10/29 21:41:18| /var/cache/squid3/0A exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/0A
2014/10/29 21:41:18| /var/cache/squid3/0B exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/0B
2014/10/29 21:41:18| /var/cache/squid3/0C exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/0C
2014/10/29 21:41:18| /var/cache/squid3/0D exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/0D
2014/10/29 21:41:18| /var/cache/squid3/0E exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/0E
2014/10/29 21:41:18| /var/cache/squid3/0F exists
2014/10/29 21:41:18| Making directories in /var/cache/squid3/0F


root at SRV-CACHE:~# squid3 -k parse
2014/10/29 21:39:49| Processing Configuration File: /etc/squid3/squid.conf
(depth 0)
2014/10/29 21:39:49| Starting Authentication on port [::]:3128
2014/10/29 21:39:49| Disabling Authentication on port [::]:3128
(interception enabled)
2014/10/29 21:39:49| Disabling IPv6 on port [::]:3128 (interception enabled)
2014/10/29 21:39:49| WARNING: use of 'override-expire' in 'refresh_pattern'
violates HTTP
2014/10/29 21:39:49| WARNING: use of 'reload-into-ims' in 'refresh_pattern'
violates HTTP
2014/10/29 21:39:49| WARNING: use of 'ignore-no-cache' in 'refresh_pattern'
violates HTTP
2014/10/29 21:39:49| WARNING: use of 'ignore-private' in 'refresh_pattern'
violates HTTP
root at SRV-CACHE:~#

Parece que toda vez que inicio o equid3 ele tenta recriar a estrutura de
diretórios será que o valor do cache_dir esta errado?

cache_dir aufs /var/cache/squid3 240000 16 256

Minha configuração.

Hardware modesto apenas para testes.
Intel i3
Memoria 2gb
Hd 320gb
SO. Debian 6
Squid 3.X


#PORTA DO PROXY
http_port 3128 transparent
always_direct allow all

# Nome do servidor - contato
visible_hostname SRV-CACHE
cache_mgr alan.inacio at yahoo.com.br

# CONFIGURACAO DOS LOGS ERROS
access_log /var/log/squid3/access.log
access_log /var/log/squid3/cache.log
cache_store_log /var/log/squid3/store.log
error_directory /usr/share/squid3/errors/Portuguese
coredump_dir /var/spool/squid

# DIRETORIO DO CACHE LIBERADO 240GB NO HD DE 320GB
cache_dir aufs /var/cache/squid3 240000 16 256

# MEMORIA TOTAL DO SRV 2GB DDR3 1066
cache_mem 1024 MB
memory_pools off

# Requisições de downloads abortadas
maximum_object_size_in_memory 512 KB
maximum_object_size 1024 MB
minimum_object_size 0 KB

memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

# Requisicoes de downloads abortadas
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95%

#LIMPEZA DO CACHE
cache_swap_low 95
cache_swap_high 98
ipcache_size 1024
ipcache_low 98
ipcache_high 95
fqdncache_size 1024

detect_broken_pconn on

# ACL
# acl all src 0.0.0.0/0.0.0.0 #### DESATIVADO ESTA COM ERRO
acl manager proto cache_object
acl localhost src 127.0.0.1/32

acl SSL_ports port 443 563 873 # https, snews
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 973 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # portas altas
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 3389 # acesso remoto windows
acl CONNECT method CONNECT

# PERMICOES DE ACESSO
http_access allow manager localhost
http_access allow manager
http_access allow !Safe_ports
http_access allow CONNECT !SSL_ports
http_access allow all

# DNS GOOGLE
dns_nameservers 8.8.8.8
dns_nameservers 8.8.4.4

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 45 40% 4320

# Atualizacoes do cache
hierarchy_stoplist cgi-bin ?
hierarchy_stoplist html ?
#
refresh_pattern -i \.jpg$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.gif$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.png$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.jpeg$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.bmp$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.tif$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.tiff$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.swf$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.exe$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.php$ 0 20% 1440 reload-into-ims
refresh_pattern -i \.html$ 0 20% 1440 reload-into-ims
refresh_pattern -i \.htm$ 0 20% 1440 reload-into-ims
refresh_pattern -i \.shtml$ 0 20% 1440 reload-into-ims
refresh_pattern -i \.shtm$ 0 20% 1440 reload-into-ims

# Videos
refresh_pattern -i \.(mp3|mp4|m4a|ogg|mov|avi|wmv|flv)$ 10080 90% 999999
ignore-no-cache override-expire ignore-private

# Widows UPDATE
refresh_pattern -i
microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip|psf) 4320 80%
43200 reload-into-ims
refresh_pattern -i
windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip|psf) 4320 80%
43200 reload-into-ims
refresh_pattern -i
update.microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip|dsft) 4320
80% 432000 reload-into-ims
refresh_pattern -i
microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip|dsft) 4320 80%
432000 reload-into-ims
refresh_pattern -i
windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip|dsft) 4320 80%
432000 reload-into-ims
refresh_pattern -i
windows.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip|dsft) 4320 80%
432000 reload-into-ims
refresh_pattern -i
c2r.microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip|dsft) 4320 80%
432000 reload-into-ims
refresh_pattern -i
download.windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip|dsft)
4320 80% 432000 reload-into-ims

# Antivirus
refresh_pattern guru.avg.com/.*\.(bin) 4320 100% 43200 reload-into-ims
refresh_pattern bguru.avg.com/.*\.(bin) 4320 100% 43200 reload-into-ims
refresh_pattern af.avg.com/.*\.(bin) 4320 100% 43200 reload-into-ims
refresh_pattern mbam-cdn.malwarebytes.org/.*\.(exe) 4320 100% 43200
reload-into-ims
refresh_pattern data-cdn.mbamupdates.com/.*\.(ref) 4320 100% 43200
reload-into-ims
refresh_pattern avast.com/.*\.(vpu|cab|stamp|exe) 10080 100% 43200
reload-into-ims
refresh_pattern personal.avira-update.com/.*\.(cab|exe|dll|msi|gz) 10080
100% 43200 reload-into-ims

Montei o script acima com base em pesquisa em alguns sites e gostaria de
sugestões para melhorar o meu a minha conf pois estou aprendendo ainda e
acho que esse é uma boa oportunidade para me desenvolver.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/debian-br-geral/attachments/20141030/92763f7c/attachment.html>


More information about the Debian-br-geral mailing list