[squid-users] R: Squid 100% CPU and possible attack

Job Job at colliniconsulting.it
Wed Oct 28 14:08:03 UTC 2015


Hello to everybody and thank you!

By upgrading to squid 3.4.4 thje problem solves!
I think there is something on Squid 3.1.8, in conjunction with Dansguardian, that creates some loops the telnettting          firewall's LAN  ethernet to the 8080 (Dansguardian) port!

Francesco

________________________________________
Da: Job
Inviato: lunedì 26 ottobre 2015 13.49
A: Amos Jeffries; squid-users at lists.squid-cache.org
Oggetto: R: [squid-users] Squid 100% CPU and possible attack

Hello Amos!

>Something that would cause a machine to make lots of HTTP requests.
>You have provided almost no information about the network, it
>configuration, or uses etc. Having eliminated the usual problem(s) it is
>a waste of time to guess.

I have investigate better about the problem that brings up CPU and Squid process over 100%!
We have this situation: Dansguardian on port 8080 and Squid on port 3128.

The The problem appear when telnetting, from LAN, to:
<ip_firewall_proxy>:8080

Squid process raise up, in few seconds, to 100% and nobody can surf..

I disabled NAT, to make sure it was not a loop of iptables-transparent proxying redirection.

Have you good some suggestions for us?

Thank you again!
Francesco


More information about the squid-users mailing list