Search squid archive

Re: Squid not caching

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 21 Jun 2011 22:15:12 -0300, Fabiano Carlos Heringer wrote:
Hi,

My squid is not caching any content, all request is TCP_MISS/200,


Version?


Below my config:

http_port 10.0.0.1:3128
http_port 127.0.0.1:80 transparent
icp_port 0

pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/Portuguese
icon_directory /usr/local/etc/squid/icons
visible_hostname localhost
cache_mgr admin@localhost
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
logfile_rotate 2
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  10.0.0.0/255.255.255.0
uri_whitespace strip
cache_mem 24 MB
maximum_object_size_in_memory 900 KB
memory_replacement_policy lru
cache_replacement_policy lru
cache_dir ufs /var/squid/cache 100 16 256
minimum_object_size 512 KB

This is a global limit. No object smaller than 512 KB may be stored by this Squid.

maximum_object_size 200 bytes

This is a global limit. No object greater than 200 bytes may be stored by this Squid.


Between them your limits will erase all objects your Squid gets a request for.


offline_mode off
cache_swap_low 90
cache_swap_high 95
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128
1025-65535
acl sslports port 443 563
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
refresh_pattern (get_video\?|videoplayback\?|videodownload\?) 5259487
99999999% 5259487 override-expire ignore-reload ignore-private
negative-ttl=0
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

This cgi-bin pattern is in the wrong place. It forces non-caching fro any dynamic pages. It will override the file patterns below on a lot of traffic. It should be place immediately above the "." pattern at the end of the refresh_pattern list.

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200
override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200
90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i
\.(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff|gz)$ 10080 90%
43200 override-expire ignore-no-cache ignore-private

Interesting things happen when you turn ignore-private on. Do you have any example cases? (just for my/our interest).

I do know that .tiff format is used in the medical area for personal files (x-rays and other imaging scans) which get transferred over the web between health practitioners down the stages of treatment. Caching and re-using those could lead to some serious side effects. The archive types could also contain personal information.


refresh_pattern -i \.index.(html|htm)$ 0 40% 10080

NP: Both of the dots in the above pattern need to be \.

refresh_pattern -i \.(html|htm|css|js)$ 1440 40% 40320
refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|msi) 10080
100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe|msi) 10080 100%
43200 reload-into-ims
refresh_pattern msgruser.dlservice.microsoft.com/.*\.(cab|exe|msi)
10080 100% 43200 reload-into-ims
refresh_pattern windowsupdate.com/.*\.(cab|exe|msi) 10080 100% 43200
reload-into-ims
refresh_pattern www.microsoft.com/.*\.(cab|exe|msi) 10080 100% 43200
reload-into-ims

NP: you can combine the above pattern rules into one by dropping the initial prefix.

ie:: refresh_pattern -i (windowsupdate|microsoft)\.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims


 *** (/cgi-bin/|\?) pattern check goes here.

refresh_pattern . 0 40% 40320
http_access allow manager localhost

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
http_access allow localhost
quick_abort_min 0 KB
quick_abort_max 0 KB
request_body_max_size 0 KB
reply_body_max_size 51200000 deny all

One reason I ask for version is that "deny" is not valid here and the versions which accept ACL controls all expect a unit name.
one of:  bytes / KB / MB / GB / TB

delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow all

This delay pool stuff needs to be removed. It is not doing anything useful, just consuming CPU on every request.

http_access allow localnet
http_access deny all


in store.log i get only RELEASE -1 FFFFFFFF

Any suggestions?


See above.

Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux