Hi, I recently configured Squid to ssl-bump connections and dynamically generate certificates. I am running Squid 3.3.3 on Ubuntu 13.10. Here is my config file (sorry, long I know): # # Recommended minimum configuration: # # Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed #acl localnet src 10.0.0.0/8 # RFC1918 possible internal network #acl localnet src 172.16.0.0/12 # RFC1918 possible internal network #acl localnet src 192.168.0.0/16 # RFC1918 possible internal network #acl localnet src fc00::/7 # RFC 4193 local private network range #acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines #Use IPv4 (No IPv6 connectivity, yet) dns_v4_first on #HTTP header X-Forwarded-For forwarded_for transparent #Don't change header sent by client #VIA (sends proxy header) via off #Define error directory error_directory /var/www/error #Log query string in access.log strip_query_terms off #Define log file locations access_log /var/log/squid/access.log cache_store_log /var/log/squid/store.log cache_log /var/log/squid/cache.log #Virus scanner icap_enable on icap_send_client_ip on icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav adaptation_access service_req allow all icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav adaptation_access service_resp allow all always_direct allow all ssl_bump server-first #Devices configured to use the proxy. No interception for HTTPS http_port 3128 https_port 3128 cert=/usr/ssl/myCA.pem #Devices configured to use the proxy. Interception for HTTPS http_port 3129 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/ssl/myCA.pem #Devices unconfigured to use the proxy. Sent by the router. http_port 3127 intercept ssl-bump cert=/usr/ssl/myCA.pem https_port 3126 intercept ssl-bump cert=/usr/ssl/myCA.pem acl SSL_ports port 443 # Normal SSL port for HTTPS acl SSL_ports port 8443 # Plesk SSL acl SSL_ports port 2083 # cPanel SSL acl Safe_ports port 80 # http acl Safe_ports port 83 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 631 # CUPS acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl PURGE method PURGE # Deny requests to certain unsafe ports # Deny CONNECT to other than secure SSL ports # # Recommended minimum Access Permission configuration: # # Only allow cachemgr access from localhost # We strongly recommend the following be uncommented to protect innocent # web applications running on the proxy server who think the only # one who can access services on "localhost" is a local user #http_access deny to_localhost # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # ############################################################ #deny_info /dis_intoff.html all #deny_info /dis_cyberattack.html all #deny_info /dis_virus.html all #deny_info /dis_update.html all #deny_info /dis_intdown.html all #http_access deny all ############################################################# acl proxy_ip dst 192.168.0.10 ############################################################## acl wldomains dstdomain "/etc/squid/whitelist.domains.acl" acl gldomains dstdomain "/etc/squid/greylist.domains.acl" ############################################################### acl google_ca_url url_regex google.ca/url acl google_com_url url_regex google.com/url deny_info /blocked-youtube.html youtube_dom acl youtube_dom dstdom_regex .youtube. .googlevideo. deny_info /blocked-ytvid.html youtube_bvidkey acl youtube_bvidkey url_regex "/etc/squid/blocked.ytvidkey.acl" deny_info /blocked-ytch.html youtube_bchvidkey acl youtube_bchvidkey url_regex "/var/www/cron/proxy/blocked_ytautoch.acl" deny_info 302:http://192.168.0.10:3180/error/blocked.jpg ytimg acl ytimg dstdomain .ytimg.com acl youtube url_regex youtube.com/watch ######################################################## acl netflix_bkeys url_regex "/etc/squid/blocked.netflix.acl" ######################################################## #CTV NEWS Video acl ctvnews_keyw url_regex ctvnews acl ctvnews_scorecardresearch dstdomain .scorecardresearch.com ######################################################## deny_info /blocked-domain.html bdomains acl bdomains dstdomain "/etc/squid/blocked.domains.acl" deny_info /blocked-keyw.html bdkeyw acl bdkeyw dstdom_regex -i "/etc/squid/blocked.domainkeyw.acl" deny_info /blocked-keyw.html bkeyw acl bkeyw url_regex -i "/etc/squid/blocked.keywords.acl" ######################################################## deny_info /blocked-domain-ssl.html ssl_bdomains acl ssl_bdomains dstdomain "/etc/squid/blocked.domains.ssl.acl" deny_info /blocked-keyw-ssl.html ssl_bkeyw acl ssl_bkeyw url_regex -i "/etc/squid/blocked.keywords.ssl.acl" #allow https google.ca google.com (will be redirected later in /etc/hosts) acl ssl_googlewww_ca_com dstdomain www.google.com www.google.ca deny_info /blocked-domain-ssl.html ssl_googlewww_o acl ssl_googlewww_o dstdom_regex www.google. ########################################################## #acl dl_ dstdomain "/etc/squid/domainlists//domains" #http_access deny dl_ #################################################### deny_info /inapp.html dl_abortion dl_artnudes dl_lingerie dl_porn dl_sexuality ### acl dl_abortion dstdomain "/etc/squid/domainlists/abortion/domains" acl dl_artnudes dstdomain "/etc/squid/domainlists/artnudes/domains" acl dl_lingerie dstdomain "/etc/squid/domainlists/lingerie/domains" acl dl_porn dstdomain "/etc/squid/domainlists/porn/domains" acl dl_sexuality dstdomain "/etc/squid/domainlists/sexuality/domains" ################### deny_info /v-m-s-p.html dl_malware dl_phishing dl_spyware ### acl dl_malware dstdomain "/etc/squid/domainlists/malware/domains" acl dl_phishing dstdomain "/etc/squid/domainlists/phishing/domains" acl dl_spyware dstdomain "/etc/squid/domainlists/spyware/domains" #################### deny_info /ads.html dl_ads dl_ads_exp ### acl dl_ads dstdomain "/etc/squid/domainlists/ads/domains" acl dl_ads_exp url_regex "/etc/squid/domainlists/ads/expressions" #################### deny_info /proxy.html dl_proxies dl_vpn proxy_keyw_domain vpn_keyw_domain ### acl proxy_keyw_domain dstdom_regex prox acl vpn_keyw_domain dstdom_regex vpn acl dl_proxies dstdomain "/etc/squid/domainlists/proxy/domains" acl dl_vpn dst "/etc/squid/blocked.vpn.acl" ##################################################################### deny_info /ext.html block_ext acl block_ext url_regex -i "/etc/squid/blocked.ext.acl" ##################################################################### deny_info /guestnet.html guestnet deny_info /guest_ports.html guest_ports deny_info /guest_i443.html guest_i443 acl guest_ports port 80 acl guest_ports port 443 acl guest_i443 localport 443 ##################################################################### acl nocache_dstdom dstdomain .apple.com acl nocache_ext url_regex -i \.ipa$ ##################################################################### deny_info 302:http://www.google.com/ google_redirect acl google_redirect dstdomain gogle.ca gogle.com goole.ca goole.com gogoel.ca gogoel.com gogole.ca gogole.com googel.ca googel.com ##################################################################### # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed ######### #IP ACLS# ######### acl localnet src 192.168.0.0/24 acl to_localnet dst 192.168.0.0/24 acl guestnet src 192.168.0.3 acl fakenet src 169.254.0.0/16 acl router src 192.168.0.1 192.168.0.2 acl imac src 192.168.0.11 acl imac_w src 192.168.0.12 acl eh src 192.168.0.13 acl eh_w src 192.168.0.14 acl macmini src 192.168.0.15 acl macmini_w src 192.168.0.16 acl localnetip src 192.168.0.10 acl localip src 127.0.0.1 acl local src localhost acl ethan_ipod src 192.168.0.43 acl ethan_android src 192.168.0.47 acl matthew_ipod src 192.168.0.45 acl lauren_ipod src 192.168.0.46 acl dad_iphone4 src 192.168.0.42 acl mom_iphone src 192.168.0.44 acl dad_iphone3 src 192.168.0.41 acl ipad src 192.168.0.40 acl cctv src 192.168.0.30 acl vera src 192.168.0.31 acl apple_tv src 192.168.0.32 acl samsung_bluray1 src 192.168.0.33 acl samsung_bluray2 src 192.168.0.34 acl wii src 192.168.0.39 ### deny_info /homenet_dhcp.html homenet_dhcp acl homenet_dhcp src 192.168.0.200-192.168.0.249 #ACL must be at bottom of acls - Webmin puts restrictions in order they appear in file, must be last for deny_info deny_info /invisible.html all_invisible acl all_invisible dst all deny_info /autoblock.html inapp_autoblock acl inapp_autoblock dst all ########### #REDIRECTS# ########### http_access deny google_redirect ################## #DENY/ALLOW RULES# ################## cache deny CONNECT cache deny guestnet cache deny nocache_dstdom cache deny nocache_ext http_access allow PURGE localip http_access deny guestnet guest_i443 http_access deny to_localnet guestnet http_access deny guestnet !guest_ports http_access deny homenet_dhcp http_access deny fakenet all_invisible http_access deny fakenet inapp_autoblock http_access deny fakenet http_access deny fakenet http_access deny block_ext http_access allow proxy_ip http_access allow wldomains http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow google_ca_url http_access allow google_com_url http_access deny netflix_bkeys #Don't just block on Youtube domains - also block youtube downloaders that use the video id #http_access deny youtube_dom youtube_bvidkey #http_access deny youtube_dom youtube_bchvidkey http_access deny youtube_bvidkey ytimg http_access deny youtube_bchvidkey ytimg http_access deny youtube_bvidkey http_access deny youtube_bchvidkey http_access allow youtube http_access allow ctvnews_keyw ctvnews_scorecardresearch http_access deny bdomains http_access deny bdkeyw http_access deny bkeyw http_access allow CONNECT ssl_bdomains ethan_ipod http_access allow CONNECT ssl_bkeyw ethan_ipod http_access allow CONNECT ssl_bdomains ethan_android http_access allow CONNECT ssl_bkeyw ethan_android http_access deny CONNECT ssl_bdomains http_access deny CONNECT ssl_bkeyw http_access allow CONNECT ssl_googlewww_ca_com http_access deny CONNECT ssl_googlewww_o http_access allow gldomains http_access deny dl_abortion http_access deny dl_artnudes http_access deny dl_lingerie http_access deny dl_porn http_access deny dl_sexuality http_access deny dl_malware http_access deny dl_phishing http_access deny dl_spyware http_access deny dl_ads http_access deny dl_ads_exp http_access deny proxy_keyw_domain http_access deny vpn_keyw_domain http_access deny dl_proxies http_access deny dl_vpn http_access allow router http_access allow localhost http_access allow localnetip http_access allow localip http_access allow localnet http_access deny all ############# #DELAY POOLS# ############# #Specify number of delay pools delay_pools 4 #Delay Pool 1 delay_class 1 1 delay_access 2 allow guestnet delay_parameters 1 100000/150000 #Delay Pool 2 delay_class 2 1 delay_access 3 allow samsung_bluray1 delay_parameters 2 10000/25000 #Delay Pool 3 delay_class 3 1 delay_access 4 allow fakenet delay_access 1 allow fakenet delay_parameters 3 200000/250000 #Delay Pool 4 (Fast) delay_class 4 1 delay_parameters 4 -1/-1 #COMMENT BELOW TO TURN ON CACHE! cache deny all #UNCOMMENT BELOW TO TURN ON CACHE! # Uncomment and adjust the following to add a disk cache directory. # cache_dir ufs /var/cache/squid 100 16 256 # Leave coredumps in the first cache dir coredump_dir /var/cache/squid # Add any of your own refresh_pattern entries above these. refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 cache_effective_user proxy cache_effective_group proxy #Running out of file descriptors. Change from default 1024 to value specified max_filedescriptors 4096 Squid worked flawlessly until I added the http_port 3129 line with the ssl-bump and generate host certificates. After this, Squid now crashes anywhere from 1 - 12 hours. This is some of the output of my cache.log file (the reconfigure is when I added it, end is when I commented it out to fix it not responding): 2014/04/12 21:40:29 kid1| Reconfiguring Squid Cache (version 3.3.3-20130321-r12517)... 2014/04/12 21:40:29 kid1| Closing HTTP port [::]:3128 2014/04/12 21:40:29 kid1| Closing HTTP port [::]:3129 2014/04/12 21:40:29 kid1| Closing HTTP port 0.0.0.0:3127 2014/04/12 21:40:29 kid1| Closing HTTPS port [::]:3128 2014/04/12 21:40:29 kid1| Closing HTTPS port 0.0.0.0:3126 2014/04/12 21:40:29 kid1| Logfile: closing log stdio:/var/log/squid/store.log 2014/04/12 21:40:29 kid1| Logfile: closing log stdio:/var/log/squid/access.log 2014/04/12 21:40:29 kid1| Startup: Initializing Authentication Schemes ... 2014/04/12 21:40:29 kid1| Startup: Initialized Authentication Scheme 'basic' 2014/04/12 21:40:29 kid1| Startup: Initialized Authentication Scheme 'digest' 2014/04/12 21:40:29 kid1| Startup: Initialized Authentication Scheme 'negotiate' 2014/04/12 21:40:29 kid1| Startup: Initialized Authentication Scheme 'ntlm' 2014/04/12 21:40:29 kid1| Startup: Initialized Authentication. 2014/04/12 21:40:30 kid1| Processing Configuration File: /etc/squid/squid.conf (depth 0) 2014/04/12 21:40:30 kid1| Starting Authentication on port [::]:3127 2014/04/12 21:40:30 kid1| Disabling Authentication on port [::]:3127 (interception enabled) 2014/04/12 21:40:30 kid1| Disabling IPv6 on port [::]:3127 (interception enabled) 2014/04/12 21:40:30 kid1| Starting Authentication on port [::]:3126 2014/04/12 21:40:30 kid1| Disabling Authentication on port [::]:3126 (interception enabled) 2014/04/12 21:40:30 kid1| Disabling IPv6 on port [::]:3126 (interception enabled) 2014/04/12 21:40:37 kid1| WARNING: 'myport' ACL is not reliable for interception proxies. Please use 'myportname' instead. 2014/04/12 21:40:37 kid1| UPGRADE: ACL 'myport' type is has been renamed to 'localport' and matches the port the client connected to. 2014/04/12 21:40:37 kid1| WARNING: HTTP requires the use of Via 2014/04/12 21:40:37 kid1| Initializing https proxy context 2014/04/12 21:40:37 kid1| Initializing http_port [::]:3129 SSL context 2014/04/12 21:40:37 kid1| Using certificate in /usr/ssl/myCA.pem 2014/04/12 21:40:37 kid1| Initializing http_port 0.0.0.0:3127 SSL context 2014/04/12 21:40:37 kid1| Using certificate in /usr/ssl/myCA.pem 2014/04/12 21:40:37 kid1| Initializing https_port [::]:3128 SSL context 2014/04/12 21:40:37 kid1| Using certificate in /usr/ssl/myCA.pem 2014/04/12 21:40:37 kid1| Initializing https_port 0.0.0.0:3126 SSL context 2014/04/12 21:40:37 kid1| Using certificate in /usr/ssl/myCA.pem 2014/04/12 21:40:37 kid1| Logfile: opening log /var/log/squid/access.log 2014/04/12 21:40:37 kid1| WARNING: log parameters now start with a module name. Use 'stdio:/var/log/squid/access.log' 2014/04/12 21:40:37 kid1| Squid plugin modules loaded: 0 2014/04/12 21:40:37 kid1| Adaptation support is on 2014/04/12 21:40:37 kid1| Logfile: opening log /var/log/squid/store.log 2014/04/12 21:40:37 kid1| WARNING: log parameters now start with a module name. Use 'stdio:/var/log/squid/store.log' 2014/04/12 21:40:37 kid1| DNS Socket created at [::], FD 9 2014/04/12 21:40:37 kid1| DNS Socket created at 0.0.0.0, FD 10 2014/04/12 21:40:37 kid1| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2014/04/12 21:40:37 kid1| Adding nameserver 192.168.0.1 from /etc/resolv.conf 2014/04/12 21:40:37 kid1| HTCP Disabled. 2014/04/12 21:40:37 kid1| Loaded Icons. 2014/04/12 21:40:37 kid1| Accepting HTTP Socket connections at local=[::]:3128 remote=[::] FD 11 flags=9 2014/04/12 21:40:37 kid1| Accepting SSL bumped HTTP Socket connections at local=[::]:3129 remote=[::] FD 12 flags=9 2014/04/12 21:40:37 kid1| Accepting NAT intercepted SSL bumped HTTP Socket connections at local=0.0.0.0:3127 remote=[::] FD 13 flags=41 2014/04/12 21:40:37 kid1| Accepting HTTPS Socket connections at local=[::]:3128 remote=[::] FD 14 flags=9 2014/04/12 21:40:37 kid1| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=0.0.0.0:3126 remote=[::] FD 15 flags=41 2014/04/12 21:40:37 kid1| ERROR: listen( FD 14, [::] [ job9832], 1024): (98) Address already in use 2014/04/12 21:50:56 kid1| clientNegotiateSSL: Error negotiating SSL connection on FD 30: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request (1/-1) 2014/04/12 21:52:49 kid1| clientNegotiateSSL: Error negotiating SSL connection on FD 16: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request (1/-1) 2014/04/12 21:54:19 kid1| clientNegotiateSSL: Error negotiating SSL connection on FD 83: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request (1/-1) 2014/04/12 21:56:29 kid1| WARNING: HTTP: Invalid Response: No object data received for https://www.facebook.com/connect/ping?client_id=123026274413041&domain=www.computerworld.com&origin=2&redirect_uri=http%3A%2F%2Fstatic.ak.facebook.com%2Fconnect%2Fxd_arbiter%2F8n77RrR4jg0.js%3Fversion%3D40%23cb%3Df202ceabcc%26domain%3Dwww.computerworld.com%26origin%3Dhttp%253A%252F%252Fwww.computerworld.com%252Ff2c32039bc%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey AKA www.facebook.com/connect/ping?client_id=123026274413041&domain=www.computerworld.com&origin=2&redirect_uri=http%3A%2F%2Fstatic.ak.facebook.com%2Fconnect%2Fxd_arbiter%2F8n77RrR4jg0.js%3Fversion%3D40%23cb%3Df202ceabcc%26domain%3Dwww.computerworld.com%26origin%3Dhttp%253A%252F%252Fwww.computerworld.com%252Ff2c32039bc%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey 2014/04/13 17:57:07 kid1| WARNING: HTTP: Invalid Response: No object data received for https://www.electrolsupply.com/search.php?search=mk15rpnex AKAwww.electrolsupply.com/search.php?search=mk15rpnex 2014/04/13 17:57:07 kid1| WARNING: HTTP: Invalid Response: No object data received for https://www.electrolsupply.com/search.php?search=mk15rpnex AKAwww.electrolsupply.com/search.php?search=mk15rpnex 2014/04/13 17:57:10 kid1| WARNING: HTTP: Invalid Response: No object data received for https://www.electrolsupply.com/images/visa.gif AKAwww.electrolsupply.com/images/visa.gif 2014/04/13 19:54:30 kid1| WARNING: HTTP: Invalid Response: No object data received for https://twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22language%22%3A%22en%22%2C%22client_version%22%3A%221.1%3Am%3Ac%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.ask.com%2Fquestion%2Fhow-fast-does-a-kx-85-go%22%2C%22format_version%22%3A1%2C%22triggered_on%22%3A1397444064380%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D AKA twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22language%22%3A%22en%22%2C%22client_version%22%3A%221.1%3Am%3Ac%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.ask.com%2Fquestion%2Fhow-fast-does-a-kx-85-go%22%2C%22format_version%22%3A1%2C%22triggered_on%22%3A1397444064380%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D 2014/04/13 19:55:41 kid1| WARNING: HTTP: Invalid Response: No object data received for https://twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22language%22%3A%22en%22%2C%22client_version%22%3A%221.1%3Am%3Ac%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.kgbanswers.com%2Fhow-fast-does-an-2008-kx-85-go%2F20871655%22%2C%22format_version%22%3A1%2C%22triggered_on%22%3A1397444135127%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D AKA twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22language%22%3A%22en%22%2C%22client_version%22%3A%221.1%3Am%3Ac%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.kgbanswers.com%2Fhow-fast-does-an-2008-kx-85-go%2F20871655%22%2C%22format_version%22%3A1%2C%22triggered_on%22%3A1397444135127%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D 2014/04/13 19:56:23 kid1| WARNING: HTTP: Invalid Response: No object data received for https://twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22language%22%3A%22en%22%2C%22client_version%22%3A%221.1%3Am%3Ac%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.ask.com%2Fquestion%2Fhow-fast-does-a-kawasaki-kx-85-go%22%2C%22format_version%22%3A1%2C%22triggered_on%22%3A1397444177810%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D AKA twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22language%22%3A%22en%22%2C%22client_version%22%3A%221.1%3Am%3Ac%22%2C%22widget_origin%22%3A%22http%3A%2F%2Fwww.ask.com%2Fquestion%2Fhow-fast-does-a-kawasaki-kx-85-go%22%2C%22format_version%22%3A1%2C%22triggered_on%22%3A1397444177810%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D 2014/04/13 19:56:24 kid1| WARNING: HTTP: Invalid Response: No object data received for https://fbstatic-a.akamaihd.net/rsrc.php/v2/yF/r/_cwLgt2Vdyt.js AKAfbstatic-a.akamaihd.net/rsrc.php/v2/yF/r/_cwLgt2Vdyt.js 2014/04/13 19:56:24 kid1| WARNING: HTTP: Invalid Response: No object data received for https://fbstatic-a.akamaihd.net/rsrc.php/v2/yF/r/_cwLgt2Vdyt.js AKAfbstatic-a.akamaihd.net/rsrc.php/v2/yF/r/_cwLgt2Vdyt.js 2014/04/13 19:56:24 kid1| WARNING: HTTP: Invalid Response: No object data received for https://fbstatic-a.akamaihd.net/rsrc.php/v2/yF/r/_cwLgt2Vdyt.js AKAfbstatic-a.akamaihd.net/rsrc.php/v2/yF/r/_cwLgt2Vdyt.js 2014/04/13 22:08:08 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:08:24 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:08:40 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:08:56 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:09:12 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:09:28 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:09:44 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:10:00 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:10:16 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:10:32 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:10:48 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:11:04 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:11:20 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:11:36 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:11:52 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:12:08 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:12:24 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:12:40 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:12:56 kid1| WARNING! Your cache is running out of filedescriptors 2014/04/13 22:13:08 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:39402 FD 62 flags=33: (2) No such file or directory 2014/04/13 22:13:08 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:39403 FD 63 flags=33: (2) No such file or directory 2014/04/13 22:13:09 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:39404 FD 88 flags=33: (2) No such file or directory 2014/04/13 22:13:09 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:44412 FD 90 flags=33: (2) No such file or directory 2014/04/13 22:13:10 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:39405 FD 92 flags=33: (2) No such file or directory 2014/04/13 22:13:10 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:39406 FD 94 flags=33: (2) No such file or directory 2014/04/13 22:13:11 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:39407 FD 96 flags=33: (2) No such file or directory 2014/04/13 22:13:11 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:45993 FD 98 flags=33: (2) No such file or directory 2014/04/13 22:13:12 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:39408 FD 100 flags=33: (2) No such file or directory 2014/04/13 22:13:12 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:39409 FD 102 flags=33: (2) No such file or directory 2014/04/13 22:13:13 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.0.10:3126 remote=192.168.0.49:39410 FD 104 flags=33: (2) No such file or directory 2014/04/13 22:22:14 kid1| WARNING! Your cache is running out of filedescriptors I would really appreciate any ideas that anyone might have to fix this problem. Thanks!
