On Tue, 21 Jun 2011 22:15:12 -0300, Fabiano Carlos Heringer wrote:
Hi, My squid is not caching any content, all request is TCP_MISS/200,
Version?
Below my config: http_port 10.0.0.1:3128 http_port 127.0.0.1:80 transparent icp_port 0 pid_filename /var/run/squid.pid cache_effective_user proxy cache_effective_group proxy error_directory /usr/local/etc/squid/errors/Portuguese icon_directory /usr/local/etc/squid/icons visible_hostname localhost cache_mgr admin@localhost access_log /var/squid/logs/access.log cache_log /var/squid/logs/cache.log cache_store_log none logfile_rotate 2 shutdown_lifetime 3 seconds # Allow local network(s) on interface(s) acl localnet src 10.0.0.0/255.255.255.0 uri_whitespace strip cache_mem 24 MB maximum_object_size_in_memory 900 KB memory_replacement_policy lru cache_replacement_policy lru cache_dir ufs /var/squid/cache 100 16 256 minimum_object_size 512 KB
This is a global limit. No object smaller than 512 KB may be stored by this Squid.
maximum_object_size 200 bytes
This is a global limit. No object greater than 200 bytes may be stored by this Squid.
Between them your limits will erase all objects your Squid gets a request for.
offline_mode off cache_swap_low 90 cache_swap_high 95 acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 1025-65535 acl sslports port 443 563 acl manager proto cache_object acl purge method PURGE acl connect method CONNECT refresh_pattern (get_video\?|videoplayback\?|videodownload\?) 5259487 99999999% 5259487 override-expire ignore-reload ignore-private negative-ttl=0 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
This cgi-bin pattern is in the wrong place. It forces non-caching fro any dynamic pages. It will override the file patterns below on a lot of traffic. It should be place immediately above the "." pattern at the end of the refresh_pattern list.
refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private refresh_pattern -i \.(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff|gz)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
Interesting things happen when you turn ignore-private on. Do you have any example cases? (just for my/our interest).
I do know that .tiff format is used in the medical area for personal files (x-rays and other imaging scans) which get transferred over the web between health practitioners down the stages of treatment. Caching and re-using those could lead to some serious side effects. The archive types could also contain personal information.
refresh_pattern -i \.index.(html|htm)$ 0 40% 10080
NP: Both of the dots in the above pattern need to be \.
refresh_pattern -i \.(html|htm|css|js)$ 1440 40% 40320 refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims refresh_pattern download.microsoft.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims refresh_pattern msgruser.dlservice.microsoft.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims refresh_pattern windowsupdate.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims refresh_pattern www.microsoft.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims
NP: you can combine the above pattern rules into one by dropping the initial prefix.
ie:: refresh_pattern -i (windowsupdate|microsoft)\.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims
*** (/cgi-bin/|\?) pattern check goes here.
refresh_pattern . 0 40% 40320 http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !safeports http_access deny CONNECT !sslports http_access allow localhost quick_abort_min 0 KB quick_abort_max 0 KB request_body_max_size 0 KB reply_body_max_size 51200000 deny all
One reason I ask for version is that "deny" is not valid here and the versions which accept ACL controls all expect a unit name.
one of: bytes / KB / MB / GB / TB
delay_pools 1 delay_class 1 2 delay_parameters 1 -1/-1 -1/-1 delay_initial_bucket_level 100 delay_access 1 allow all
This delay pool stuff needs to be removed. It is not doing anything useful, just consuming CPU on every request.
http_access allow localnet http_access deny all in store.log i get only RELEASE -1 FFFFFFFF Any suggestions?
See above. Amos
