[squid-users] Squid versions and FreeBSD-10.1 headache

Yuri Voinov yvoinov at gmail.com
Fri Jan 23 11:57:56 UTC 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
redirection loop can only occurs when reqwiter or NAT misconfigured.

On early Squid versions to avoid loops was used:

# Rewriter cycle workaround
url_rewrite_access deny localhost

rule.

Somewhere in your configuration occurs redirector looping.

But I can't see URL rewriter in your config. This is looped configuration?

23.01.2015 17:37, Odhiambo Washington пишет:
> So for the past few days I have been struggling with Squid in intercept mode on FreeBSD-10.1.
>
> Using the same squid.conf for Squid-3.4.10 and Squid-3.5.1 and the
same Firewall rules (I have tested with IPFilter and PF and these rules
work with Squid-2.7.9 on several FreeBSD boxes that I have):
>
> 1. Squid-3.5.1 has completely refused to play along - always
complaining about "loop detected" and hence denying all requests
> 2. Squid-3.4.10 plays along, BUT has so much complaints in cache.log
as below:
>
> 2015/01/23 13:26:43| Set Current Directory to /usr/local/squid/logs
> 2015/01/23 13:26:43| Set Current Directory to /usr/local/squid/logs
> 2015/01/23 13:26:43| Starting Squid Cache version 3.4.10 for
amd64-portbld-freebsd10.1...
> 2015/01/23 13:26:43| Process ID 15770
> 2015/01/23 13:26:43| Process Roles: master worker
> 2015/01/23 13:26:43| With 114417 file descriptors available
> 2015/01/23 13:26:43| Initializing IP Cache...
> 2015/01/23 13:26:43| DNS Socket created at [::], FD 5
> 2015/01/23 13:26:43| DNS Socket created at 0.0.0.0, FD 6
> 2015/01/23 13:26:43| Adding domain ili.or.ug <http://ili.or.ug> from
/etc/resolv.conf
> 2015/01/23 13:26:43| Adding nameserver 127.0.0.1 from /etc/resolv.conf
> 2015/01/23 13:26:43| helperOpenServers: Starting 5/15 'ssl_crtd' processes
> 2015/01/23 13:26:43| helperOpenServers: Starting 10/15
'ut-squidbooster' processes
> 2015/01/23 13:26:43| Logfile: opening log
stdio:/usr/local/squid/logs/access.log
> 2015/01/23 13:26:43| Local cache digest enabled; rebuild/rewrite every
3600/3600 sec
> 2015/01/23 13:26:43| Store logging disabled
> 2015/01/23 13:26:43| Swap maxSize 104857600 + 131072 KB, estimated
8076051 objects
> 2015/01/23 13:26:43| Target number of buckets: 403802
> 2015/01/23 13:26:43| Using 524288 Store buckets
> 2015/01/23 13:26:43| Max Mem  size: 131072 KB
> 2015/01/23 13:26:43| Max Swap size: 104857600 KB
> 2015/01/23 13:26:43| Rebuilding storage in /usr/local/squid/cache
(dirty log)
> 2015/01/23 13:26:43| Using Least Load store dir selection
> 2015/01/23 13:26:43| Set Current Directory to /usr/local/squid/logs
> 2015/01/23 13:26:43| Finished loading MIME types and icons.
> 2015/01/23 13:26:43| HTCP Disabled.
> 2015/01/23 13:26:43| Pinger socket opened on FD 45
> 2015/01/23 13:26:43| Squid plugin modules loaded: 0
> 2015/01/23 13:26:43| Adaptation support is off.
> 2015/01/23 13:26:43| Accepting NAT intercepted HTTP Socket connections
at local=[::]:13128 remote=[::] FD 40 flags=41
> 2015/01/23 13:26:43| Accepting HTTP Socket connections at
local=[::]:13127 remote=[::] FD 41 flags=9
> 2015/01/23 13:26:43| Accepting NAT intercepted SSL bumped HTTPS Socket
connections at local=[::]:13129 remote=[::] FD 42 flags=41
> 2015/01/23 13:26:43| Accepting ICP messages on [::]:3130
> 2015/01/23 13:26:43| Sending ICP messages from [::]:3130
> 2015/01/23 13:26:43| pinger: Initialising ICMP pinger ...
> 2015/01/23 13:26:43| pinger: ICMP socket opened.
> 2015/01/23 13:26:43| pinger: ICMPv6 socket opened
> 2015/01/23 13:26:43| Store rebuilding is 50.88% complete
> 2015/01/23 13:26:43| Done reading /usr/local/squid/cache swaplog (7861
entries)
> 2015/01/23 13:26:43| Finished rebuilding storage from disk.
> 2015/01/23 13:26:43|      7845 Entries scanned
> 2015/01/23 13:26:43|         0 Invalid entries.
> 2015/01/23 13:26:43|         0 With invalid flags.
> 2015/01/23 13:26:43|      7829 Objects loaded.
> 2015/01/23 13:26:43|         0 Objects expired.
> 2015/01/23 13:26:43|        16 Objects cancelled.
> 2015/01/23 13:26:43|         0 Duplicate URLs purged.
> 2015/01/23 13:26:43|         0 Swapfile clashes avoided.
> 2015/01/23 13:26:43|   Took 0.05 seconds (168735.72 objects/sec).
> 2015/01/23 13:26:43| Beginning Validation Procedure
> 2015/01/23 13:26:43|   Completed Validation Procedure
> 2015/01/23 13:26:43|   Validated 7829 Entries
> 2015/01/23 13:26:43|   store_swap_size = 457188.00 KB
> 2015/01/23 13:26:44| storeLateRelease: released 0 objects
> 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x804ce9b78
dns_internal.cc:1131
> 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x804b1d7d8 ipcache.cc:353
> 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x8048b2698
Checklist.cc:45
> 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x804b1d7d8
Checklist.cc:160
> 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x804b1b618 helper.cc:856
> 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x804b1d7d8
redirect.cc:176
> 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x8049e9498
store_client.cc:337
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x804ce9b78 ipcache.cc:353
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8048b27d8
Checklist.cc:45
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8094c8058
store_client.cc:154
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8049e9498
store_client.cc:337
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8049e9498
store_client.cc:337
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8094c6058
CommCalls.cc:21
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8094c8058
store_client.cc:154
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8049e9498
store_client.cc:337
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x804ab8458
CommCalls.cc:21
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8094c8058
store_client.cc:154
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8049e9498
store_client.cc:337
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x804b1d718
clientStream.cc:235
> 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8048b2558
Checklist.cc:320
>
> I am running squid like:
> /usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf -N
>
> I do not see any coredumps with this scenario even when I run with -NCd1
>
> For the time being I have opted to run squid with cache_log set to
/dev/null. Not elegant at all.
>
> So my questions:
>
> Is anyone else here successfully running squid (3.4.10 or 3.5.x) in
intercept mode on FreeBSD 10.x using either PF or IPFilter?
>
> I'd really love to compare notes. Maybe that will help clear my
current brain-lock!
>
> Technically, I have reached my /etc on this one.
>
> My squid.conf is available at http://pastebin.com/L16cDmRp
>
>
>
>
>
> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254733744121/+254722743223
> "I can't hear you -- I'm using the scrambler."
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBAgAGBQJUwjdEAAoJENNXIZxhPexGgB0IALoQUrOwWHmn75BZxXtFynCs
KspBiPlLnCx0o/bv5mjmyeQChEeH/vAelMupIAvfF7tHnfX1No7JJ6zXuULNfkka
0rvBVpbqqP6XZwVnS8Bfqwan4za7nvt5g3Fasj0Qw/bx9n0QF9roUOsPr7QeudmM
SoKE45QXsoaznW8+ObE+oRM4108qpEDZb6IuWTAO7hFu4hyctvAw6LcAU718gu43
AW8D2RrSGQaKoE75ah+PblopkjjoQxj1ycg0lgbt5h37DiNuP7flN5VSz/vahbkg
Z27L/PWRipmblfp2fsoHWJjNBCgd8fcfbdRifPD/gMSs23de/FAGUu6liMNdaqU=
=Qy97
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150123/b7a2e312/attachment.html>

More information about the squid-users mailing list