Hi all Hope there is somebody on the list who has seen this before and can help. I have inherited 2 instances of Squid running on Solaris 10 on a 4cpu V440 with Dansguardian content filter. One instance is acting as a caching proxy, and the other is used by Dansguardian for user authentication, using ntlm_auth. (The Samba version) For more info on Dansguardian, see here - http://dansguardian.org The caching proxy is working well, and never gives me any trouble. The one used for authentication, is misbehaving. >From time to time - and it appears random - the squid application will crash and burn, leaving only a core dump and log message to prove it ever existed. RunCache respawns squid, and everything gets back up and running, but my users have to re-authenticate, and they find this annoying. Has anybody seen this before, and what (if anything) did you do to correct it? Some Important Info # uname -a SunOS prowler 5.10 Generic_118833-03 sun4u sparc SUNW,Sun-Fire-V440 >From messages ---snip--- Jan 15 14:59:20 prowler squid[11793]: [ID 702911 daemon.notice] CACHEMGR: <unknown>@127.0.0.1 requesting '5min' Jan 15 14:59:20 prowler squid[11793]: [ID 702911 daemon.notice] CACHEMGR: <unknown>@127.0.0.1 requesting 'info' Jan 15 15:04:22 prowler squid[11793]: [ID 702911 daemon.notice] CACHEMGR: <unknown>@127.0.0.1 requesting '5min' Jan 15 15:04:23 prowler squid[11793]: [ID 702911 daemon.notice] CACHEMGR: <unknown>@127.0.0.1 requesting 'info' Jan 15 15:05:01 prowler squid[15485]: [ID 702911 daemon.notice] urlParse: Illegal hostname 'www.inspectioncentre..com' Jan 15 15:05:04 prowler last message repeated 1 time Jan 15 15:07:29 prowler squid[15485]: [ID 702911 daemon.notice] WARNING: All ntlmauthenticator processes are busy. Jan 15 15:07:29 prowler squid[15485]: [ID 702911 daemon.notice] WARNING: up to 200 pending requests queued Jan 15 15:07:59 prowler squid[15485]: [ID 702911 daemon.notice] WARNING: All ntlmauthenticator processes are busy. Jan 15 15:07:59 prowler squid[15485]: [ID 702911 daemon.notice] WARNING: up to 535 pending requests queued Jan 15 15:07:59 prowler squid[15485]: [ID 702911 daemon.notice] Consider increasing the number of ntlmauthenticator processes to at least 735 in your config file. Jan 15 15:08:29 prowler squid[15485]: [ID 702911 daemon.notice] WARNING: All ntlmauthenticator processes are busy. Jan 15 15:08:29 prowler squid[15485]: [ID 702911 daemon.notice] WARNING: up to 749 pending requests queued Jan 15 15:08:29 prowler squid[15485]: [ID 702911 daemon.notice] Consider increasing the number of ntlmauthenticator processes to at least 949 in your config file. Jan 15 15:09:00 prowler squid[15485]: [ID 702911 daemon.notice] WARNING: All ntlmauthenticator processes are busy. Jan 15 15:09:00 prowler squid[15485]: [ID 702911 daemon.notice] WARNING: up to 947 pending requests queued Jan 15 15:09:00 prowler squid[15485]: [ID 702911 daemon.notice] Consider increasing the number of ntlmauthenticator processes to at least 1147 in your config file. Jan 15 15:09:18 prowler squid[15485]: [ID 702911 daemon.notice] storeDirWriteCleanLogs: Starting... Jan 15 15:09:18 prowler squid[15485]: [ID 702911 daemon.notice] WARNING: Closing open FD 241 Jan 15 15:09:18 prowler squid[15485]: [ID 702911 daemon.notice] Finished. Wrote 8667 entries. Jan 15 15:09:18 prowler squid[15485]: [ID 702911 daemon.notice] Took 0.2 seconds (51607.4 entries/sec). Jan 15 15:09:18 prowler squid[15485]: [ID 702911 daemon.alert] Too many queued ntlmauthenticator requests (1001 on 200) Jan 15 15:09:21 prowler genunix: [ID 603404 kern.notice] NOTICE: core_log: squid[15485] core dumped: /var/core/core_prowler_squid_60001_60001_1168841358_15485 ---snip--- # squid -v Squid Cache: Version 2.5.STABLE12 # file ./squid ./squid: ELF 32-bit MSB executable SPARC Version 1, dynamically linked, not stripped # cat squid.conf | grep -v ^$ | grep -v ^# http_port 8080 icp_port 0 acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 8 MB cache_peer 127.0.0.1 parent 3128 0 proxy-only no-query no-digest no-netdb-exchange login=*:DUMMY_PASSWORD cache_dir ufs /u01/app/squid-front/cache 100 16 256 cache_access_log none cache_store_log none cache_log /dev/null log_fqdn off ftp_user www@xxxxxxxxxxxxx visible_hostname prowler client_persistent_connections off append_domain .dpi.wa.gov.au auth_param ntlm program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 200 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 5 minutes auth_param basic program /usr/local/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 30 auth_param basic realm DPI proxy - use your email username and password auth_param basic credentialsttl 2 hours refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl AuthorizedUsers proxy_auth REQUIRED acl all src 0/0 never_direct allow all acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 acl Safe_ports port 7779 acl Safe_ports port 10003 acl Safe_ports port 12000 acl Safe_ports port 8090 acl Safe_ports port 81 acl Safe_ports port 8080 acl Safe_ports port 8000 acl WINDOWS dstdomain .microsoft.com acl CONNECT method CONNECT always_direct allow WINDOWS never_direct allow all http_access allow manager localhost http_access deny !Safe_ports http_access allow all AuthorizedUsers http_access deny manager http_access deny CONNECT !SSL_ports http_access deny all http_reply_access allow all icp_access allow all cache_mgr proxyadmin@xxxxxxxxxxxxx coredump_dir /u01/app/squid-front/var/cache # ./ntlm_auth -V Version 3.0.21a # file ./ntlm_auth ./ntlm_auth: ELF 32-bit MSB executable SPARC Version 1, dynamically linked, not stripped
