[squid-users] Squid doesn't execute url_rewrite_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf
Amos Jeffries
squid3 at treenet.co.nz
Tue Feb 12 00:01:42 UTC 2019
On 12/02/19 6:11 am, Alex Rousskov wrote:
> On 2/2/19 12:37 PM, eliezer at ngtech.co.il wrote:
>> Can we change the default from "startup=0" to "startup=1" ?
>
> We obviously can. The real question is whether we should. AFAICT, the
> default changed to zero in commit 48d54e4. In that commit message, I did
> not find an explanation of _why_ the default was changed, but I could
> have missed it. I only saw references to why the new default may cause
> problems.
This feature was added with a focus on improving efficiency for small
integrated systems (OpenWRT, RaspberryPi, Android etc.) with some
additional benefits for larger systems.
The small limited-resource systems lack of RAM meant the default of 10
always running helpers of each type consumed sometimes considerably more
memory than was available in total or necessary.
Even larger resource-rick systems were having issues with admin
(mis)configuring hundreds of NTLM helpers in attempts to avoid helpers
all being busy at peak login times.
Most of that was solved by going dynamic. The default being 0 was extra
performance tuning - in hindsight perhapse not the best choice but
suited the use-case for limited memory devices and we have not had many
issues reported about it. A default of 1 would still solve most of the
issues as well as detecting helper crashes on startup. It would mean a
somewhat slower (few seconds) startup on some devices though.
>
> Before we restart changing defaults, we should agree on some principles
> that should guide us in selecting the right default. Please feel free to
> propose/defend them if you want to work on this change. Here is an
> example of a possible principle we could use for situations where the
> default option value is not clear/obvious:
>
> * The default should maximize the chance that a misconfiguration is
> discovered at startup time (rather than at runtime).
>
* the default should not induce overly much RAM usage.
* the default should not cause unnecessary processes to run.
This last is the trickiest because it is a bit fuzzy and relies on
assumptions about admin behaviours - which also vary over time as
experience is gained or forgotten.
** Default 0 (current status-quo) assumption is that the admin might
configure a helper that is never used.
** Default of 1 that all helpers are needed, but maybe fast enough not
to need many forks().
** Default 2+ that traffic load and helper usage is going to be high
with all helpers handling a lot of I/O.
Amos
More information about the squid-users
mailing list