[squid-users] squid with quota limit using external helper problem !

--Ahmad-- ahmed.zaeem at netstream.ps
Sun Sep 3 19:49:39 UTC 2017 

Hello squid folks .

I’m trying to use squid external helper to get quote to ips or users.

I’m following the wiki :

http://www.mikealeonetti.com/wiki/index.php?title=Squid_Arms_and_Tentacles:_Bandwidth_quotas

i have done everything my side on squid .

i have tested the connection :
root at localhost:~# /usr/local/bin/bandwidth_calculate /etc/squid/bandwidth_rules
root at localhost:~# 

no errors above !

#######################################

the issue I’m not sure if I’m using squid config file integration correctly .

here is my squid.conf file :

dns_v4_first on
acl localnet src all
auth_param basic program /lib/squid/basic_ncsa_auth  /etc/squid/squid_user
acl ncsa_users proxy_auth REQUIRED
auth_param basic children 1000
external_acl_type bandwidth_check ttl=60 %SRC /usr/local/bin/bandwidth_check
acl bandwidth_auth external bandwidth_check
http_access allow localnet bandwidth_auth
http_access deny  localnet !bandwidth_auth
###################################################
cache_effective_user squid
cache_effective_group squid
###########################################
http_access allow ncsa_users
############################
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access deny all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern . 

















here is errors i get :


2017/09/03 19:32:38 kid1| WARNING: external ACL 'bandwidth_check' queue overload. Request rejected '11.13.209.12'.
2017/09/03 19:38:31 kid1| WARNING: external ACL 'bandwidth_check' queue overload. Request rejected '11.13.209.12'.
2017/09/03 19:44:46 kid1| WARNING: external ACL 'bandwidth_check' queue overload. Request rejected '148.161.111.42'.
2017/09/03 19:44:47 kid1| WARNING: external ACL 'bandwidth_check' queue overload. Request rejected '148.161.111.42’.



but I’m sure 100 % that the ips above not blacklisted bec i check them over the helper :



root at localhost:~/squid-3.5.22# /usr/local/bin/bandwidth_check
11.13.209.12
OK
11.13.209.12
OK





root at localhost:~# cat /etc/squid/bandwidth_rules 
# A subnet
192.168.1.0/24        100mb/d 500mb/w    10gb/m
# A range
10.0.0.100-200        200mb/m
# A single IP
192.168.2.105        1gb/w 20gb/m
# A username
mike                 5gb/w
as1  10mb/d
hola    10mb/d
11.13.209.12           10mb/d





here is squid when it run :

root at localhost:~# tailf /var/log/squid/cache.log
2017/09/03 19:32:33 kid1| ERROR: Failed to create helper child read FD: TCP [::1]
2017/09/03 19:32:33 kid1| WARNING: Cannot run '/usr/local/bin/bandwidth_check' process.
2017/09/03 19:32:33 kid1| HTCP Disabled.
2017/09/03 19:32:33 kid1| Finished loading MIME types and icons.
2017/09/03 19:32:33 kid1| Accepting HTTP Socket connections at local=44.33.95.148:10001 remote=[::] FD 36 flags=9
2017/09/03 19:32:33 kid1| Accepting HTTP Socket connections at local=44.33.95.148:10002 remote=[::] FD 37 flags=9
2017/09/03 19:32:38 kid1| WARNING: external ACL 'bandwidth_check' queue overload. Request rejected '11.13.209.12'.
2017/09/03 19:38:31 kid1| WARNING: external ACL 'bandwidth_check' queue overload. Request rejected '11.13.209.12'.
2017/09/03 19:44:46 kid1| WARNING: external ACL 'bandwidth_check' queue overload. Request rejected '148.161.111.42'.
2017/09/03 19:44:47 kid1| WARNING: external ACL 'bandwidth_check' queue overload. Request rejected '148.161.111.42'.
2017/09/03 19:46:14 kid1| WARNING: external ACL 'bandwidth_check' queue overload. Request rejected '11.13.209.12’.




Guys i know this is not squid 100 % question .

plz don’t put me down and just guide me where to troubleshoot to figure out this issue .


many thanks !







-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170903/a46eee10/attachment.html>

More information about the squid-users mailing list