[squid-users] Squid-3.5.2 and FreeBSD 10.1

Odhiambo Washington odhiambo at gmail.com
Fri Feb 20 09:09:30 UTC 2015 

On 20 February 2015 at 04:15, Amos Jeffries <squid3 at treenet.co.nz> wrote:

> On 20/02/2015 5:15 a.m., Odhiambo Washington wrote:
> > On 19 February 2015 at 15:12, Odhiambo Washington <odhiambo at gmail.com>
> > wrote:
> >
> >> Hi Amos,
> >>
> >> I did see that thread. However, the discussion was still continuing
> then.
> >>
> >>
> >> I will apply it to my server and see.
> >>
> >> Reporting back today!
> >>
> >>
> >>
> >> On 19 February 2015 at 14:07, Amos Jeffries <squid3 at treenet.co.nz>
> wrote:
> >>
> >>> On 19/02/2015 10:49 p.m., Odhiambo Washington wrote:
> >>>> I have been hoping that 3.5.2 would possibly help address my problems
> >>> with
> >>>> ACLs, but alas!
> >>>
> >>> Ah, I thought you saw this announcement made just after your last
> >>> message in Jan:
> >>>
> >>> <
> >>>
> http://lists.squid-cache.org/pipermail/squid-users/2015-January/001745.html
> >>>>
> >>>
> >>> Its sounds very much like what your last few threads have been
> >>> describing as happening. Signal handling issues will affect all the
> >>> squid -k operations.
> >>>
> >>> Amos
> >>>
> >>
> >
> > I have compiled a custom kernel after applying this patch mentioned in
> that
> > thread.
>
> Er. There were two patches mentioned as being applied in the FreeBSD
> mail and bug reports.
>
> >
> > wash at mail:~$ uname -a
> > FreeBSD mail.ili.or.ug 10.1-RELEASE-p5 FreeBSD 10.1-RELEASE-p5 #4: Thu
> Feb
> > 19 16:55:56 EAT 2015     root at mail.ili.or.ug:/usr/obj/usr/src/sys
> > /BEASTIE-10.x  amd64
> >
> >
> > However, my issues still persist.
> >
> > root at mail:/opt # /opt/squid-3.5.2/sbin/squid -k reconfigure
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> > 2015/02/19 19:10:53.639| Acl.cc(380) ~ACL: freeing ACL
> >
> >
> > Would this then suggest there is a problem with my squid.conf
> > <http://pastebin.com/wwwcnHnF> ?
> >
> > Or the FreeBSD problem isn't quite solved?
> >
>
> Could you re-state what the problem is?
>
> Now your pastebin is expired all we have on record about this problems
> is the sentence: "it's crashing with errors as seen from <DEAD URL>"
>


Generally, Squid seems to partially ignore my time-based ACLS as seen in
the squid.conf

It would block one site but allow the others. I expect a standard blocking
within the specied time.

I have not been able to figure out why.

For instance, my ACL for TIMEWASTAGESITED contains .facebook.com, .gmail.com
and .youtube.com as dstdomains.

I find that youtube.com is blocked while facebook.com is not blocked. Both
should be blocked at this time (11:58)

root at mail:/opt/squid-3.5.2/etc # tail -f /usr/local/squid/logs/access.log |
grep DENIED
1424422669.545    456 192.168.2.2 TCP_DENIED/403 4345 GET
http://youtube.com/ - HIER_NONE/- text/html
1424422671.910      1 192.168.2.2 TCP_DENIED/403 4291 GET
http://youtube.com/favicon.ico - HIER_NONE/- text/html

root at mail:/opt/squid-3.5.2/etc # tail -f /usr/local/squid/logs/access.log |
grep 192.168.2.2
1424422669.545    456 192.168.2.2 TCP_DENIED/403 4345 GET
http://youtube.com/ - HIER_NONE/- text/html
1424422671.910      1 192.168.2.2 TCP_DENIED/403 4291 GET
http://youtube.com/favicon.ico - HIER_NONE/- text/html
1424422710.537    863 192.168.2.2 TCP_MISS/400 372 POST
http://bench.utorrent.com/e?i=36 - ORIGINAL_DST/54.221.228.66 text/html
1424422710.578    903 192.168.2.2 TCP_MISS/400 372 POST
http://bench.utorrent.com/e?i=36 - ORIGINAL_DST/54.197.243.221 text/html
1424422755.202   1239 192.168.2.2 TCP_MISS/200 280 POST
http://bench.utorrent.com/e?i=20 - ORIGINAL_DST/54.243.183.178 text/html
1424422756.602    846 192.168.2.2 TCP_MISS/200 1016 GET
http://cdn.ap.bittorrent.com/control/feature/tags/ut.json - ORIGINAL_DST/
54.230.128.
193 application/json
1424422895.279    593 192.168.2.2 TCP_MISS/404 1792 GET
http://www.gstatic.com/chrome/profile_avatars/NothingToDownload -
ORIGINAL_DST/196.0
.3.114 text/html


The odd part:

While facebook.com and gmail.com are accessible, nothing appears at all in
the access.log and cache.log (debug mode) about them yet this is an
intercept proxy. The sites just load. No log enties:(

I am willing to give access to both the Squid Server and the test machine
if someone can figure this out for me.


-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
"I can't hear you -- I'm using the scrambler."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150220/c99e77a7/attachment.html>

More information about the squid-users mailing list