[squid-users] Two connections per client

Chris Nighswonger cnighswonger at foundations.edu
Wed Mar 16 12:25:47 UTC 2016 

On Wed, Mar 16, 2016 at 1:03 AM, Amos Jeffries <squid3 at treenet.co.nz> wrote:

> On 16/03/2016 12:38 p.m., Chris Nighswonger wrote:
> > Why does netstat show two connections per client connection to Squid:
> >
> > tcp        0      0 127.0.0.1:3128          127.0.0.1:34167
> > ESTABLISHED
> > tcp        0      0 127.0.0.1:34167         127.0.0.1:3128
> > ESTABLISHED
> >
> > In this case, there is a content filter running in front of Squid on the
> > same box. The same netstat command filtered on the content filter port
> > shows only one connection per client:
> >
> > tcp        0      0 192.168.x.x:8080      192.168.x.y:1310
>  ESTABLISHED
> >
>
> Details of your Squid configuration are needed to answer that.
>


Here it is. I've stripped out all of the acl lines to reduce the length:

tcp_outgoing_address 184.x.x.x
http_port 127.0.0.1:3128
hierarchy_stoplist cgi-bin ?
cache_mem 4 GB
maximum_object_size 32768 KB
maximum_object_size_in_memory 200 KB
cache_dir aufs /var/cache/squid3 375000 65 256
access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
cache_store_log none
cachemgr_passwd SuperSecretPW all
debug_options ALL,1
auth_param basic program /usr/lib/squid3/basic_ldap_auth <connection
parameters go here>
auth_param basic children 60
auth_param basic realm Campus Proxy Server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
refresh_pattern .        0    20%    4320
quick_abort_min 0 KB
quick_abort_max 0 KB
forwarded_for truncate
follow_x_forwarded_for allow all
log_uses_indirect_client on
http_reply_access allow all
icp_access allow all
cache_mgr support at organization.tld
store_avg_object_size 20 KB
coredump_dir /var/spool/squid3
client_persistent_connections on
server_persistent_connections on
persistent_connection_after_error on
visible_hostname gateway.intranet.organization.tld
negative_ttl 5 minutes
negative_dns_ttl 1 minutes
cache_effective_user proxy
cache_effective_group proxy


Kind regards,
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160316/27585ade/attachment.html>

More information about the squid-users mailing list