|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 redirection loop can only occurs when reqwiter or NAT misconfigured. On early Squid versions to avoid loops was used: # Rewriter cycle workaround url_rewrite_access deny localhost rule. Somewhere in your configuration occurs redirector looping. But I can't see URL rewriter in your config. This is looped configuration? 23.01.2015 17:37, Odhiambo Washington пишет: > So for the past few days I have been struggling with Squid in intercept mode on FreeBSD-10.1. > > Using the same squid.conf for Squid-3.4.10 and Squid-3.5.1 and the same Firewall rules (I have tested with IPFilter and PF and these rules work with Squid-2.7.9 on several FreeBSD boxes that I have): > > 1. Squid-3.5.1 has completely refused to play along - always complaining about "loop detected" and hence denying all requests > 2. Squid-3.4.10 plays along, BUT has so much complaints in cache.log as below: > > 2015/01/23 13:26:43| Set Current Directory to /usr/local/squid/logs > 2015/01/23 13:26:43| Set Current Directory to /usr/local/squid/logs > 2015/01/23 13:26:43| Starting Squid Cache version 3.4.10 for amd64-portbld-freebsd10.1... > 2015/01/23 13:26:43| Process ID 15770 > 2015/01/23 13:26:43| Process Roles: master worker > 2015/01/23 13:26:43| With 114417 file descriptors available > 2015/01/23 13:26:43| Initializing IP Cache... > 2015/01/23 13:26:43| DNS Socket created at [::], FD 5 > 2015/01/23 13:26:43| DNS Socket created at 0.0.0.0, FD 6 > 2015/01/23 13:26:43| Adding domain ili.or.ug <http://ili.or.ug> from /etc/resolv.conf > 2015/01/23 13:26:43| Adding nameserver 127.0.0.1 from /etc/resolv.conf > 2015/01/23 13:26:43| helperOpenServers: Starting 5/15 'ssl_crtd' processes > 2015/01/23 13:26:43| helperOpenServers: Starting 10/15 'ut-squidbooster' processes > 2015/01/23 13:26:43| Logfile: opening log stdio:/usr/local/squid/logs/access.log > 2015/01/23 13:26:43| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec > 2015/01/23 13:26:43| Store logging disabled > 2015/01/23 13:26:43| Swap maxSize 104857600 + 131072 KB, estimated 8076051 objects > 2015/01/23 13:26:43| Target number of buckets: 403802 > 2015/01/23 13:26:43| Using 524288 Store buckets > 2015/01/23 13:26:43| Max Mem size: 131072 KB > 2015/01/23 13:26:43| Max Swap size: 104857600 KB > 2015/01/23 13:26:43| Rebuilding storage in /usr/local/squid/cache (dirty log) > 2015/01/23 13:26:43| Using Least Load store dir selection > 2015/01/23 13:26:43| Set Current Directory to /usr/local/squid/logs > 2015/01/23 13:26:43| Finished loading MIME types and icons. > 2015/01/23 13:26:43| HTCP Disabled. > 2015/01/23 13:26:43| Pinger socket opened on FD 45 > 2015/01/23 13:26:43| Squid plugin modules loaded: 0 > 2015/01/23 13:26:43| Adaptation support is off. > 2015/01/23 13:26:43| Accepting NAT intercepted HTTP Socket connections at local=[::]:13128 remote=[::] FD 40 flags=41 > 2015/01/23 13:26:43| Accepting HTTP Socket connections at local=[::]:13127 remote=[::] FD 41 flags=9 > 2015/01/23 13:26:43| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=[::]:13129 remote=[::] FD 42 flags=41 > 2015/01/23 13:26:43| Accepting ICP messages on [::]:3130 > 2015/01/23 13:26:43| Sending ICP messages from [::]:3130 > 2015/01/23 13:26:43| pinger: Initialising ICMP pinger ... > 2015/01/23 13:26:43| pinger: ICMP socket opened. > 2015/01/23 13:26:43| pinger: ICMPv6 socket opened > 2015/01/23 13:26:43| Store rebuilding is 50.88% complete > 2015/01/23 13:26:43| Done reading /usr/local/squid/cache swaplog (7861 entries) > 2015/01/23 13:26:43| Finished rebuilding storage from disk. > 2015/01/23 13:26:43| 7845 Entries scanned > 2015/01/23 13:26:43| 0 Invalid entries. > 2015/01/23 13:26:43| 0 With invalid flags. > 2015/01/23 13:26:43| 7829 Objects loaded. > 2015/01/23 13:26:43| 0 Objects expired. > 2015/01/23 13:26:43| 16 Objects cancelled. > 2015/01/23 13:26:43| 0 Duplicate URLs purged. > 2015/01/23 13:26:43| 0 Swapfile clashes avoided. > 2015/01/23 13:26:43| Took 0.05 seconds (168735.72 objects/sec). > 2015/01/23 13:26:43| Beginning Validation Procedure > 2015/01/23 13:26:43| Completed Validation Procedure > 2015/01/23 13:26:43| Validated 7829 Entries > 2015/01/23 13:26:43| store_swap_size = 457188.00 KB > 2015/01/23 13:26:44| storeLateRelease: released 0 objects > 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x804ce9b78 dns_internal.cc:1131 > 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x804b1d7d8 ipcache.cc:353 > 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x8048b2698 Checklist.cc:45 > 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x804b1d7d8 Checklist.cc:160 > 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x804b1b618 helper.cc:856 > 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x804b1d7d8 redirect.cc:176 > 2015/01/23 13:26:47| CBDATA memory leak. cbdata=0x8049e9498 store_client.cc:337 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x804ce9b78 ipcache.cc:353 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8048b27d8 Checklist.cc:45 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8094c8058 store_client.cc:154 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8049e9498 store_client.cc:337 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8049e9498 store_client.cc:337 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8094c6058 CommCalls.cc:21 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8094c8058 store_client.cc:154 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8049e9498 store_client.cc:337 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x804ab8458 CommCalls.cc:21 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8094c8058 store_client.cc:154 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8049e9498 store_client.cc:337 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x804b1d718 clientStream.cc:235 > 2015/01/23 13:26:48| CBDATA memory leak. cbdata=0x8048b2558 Checklist.cc:320 > > I am running squid like: > /usr/local/sbin/squid -f /usr/local/etc/squid/squid.conf -N > > I do not see any coredumps with this scenario even when I run with -NCd1 > > For the time being I have opted to run squid with cache_log set to /dev/null. Not elegant at all. > > So my questions: > > Is anyone else here successfully running squid (3.4.10 or 3.5.x) in intercept mode on FreeBSD 10.x using either PF or IPFilter? > > I'd really love to compare notes. Maybe that will help clear my current brain-lock! > > Technically, I have reached my /etc on this one. > > My squid.conf is available at http://pastebin.com/L16cDmRp > > > > > > -- > Best regards, > Odhiambo WASHINGTON, > Nairobi,KE > +254733744121/+254722743223 > "I can't hear you -- I'm using the scrambler." > > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJUwjdEAAoJENNXIZxhPexGgB0IALoQUrOwWHmn75BZxXtFynCs KspBiPlLnCx0o/bv5mjmyeQChEeH/vAelMupIAvfF7tHnfX1No7JJ6zXuULNfkka 0rvBVpbqqP6XZwVnS8Bfqwan4za7nvt5g3Fasj0Qw/bx9n0QF9roUOsPr7QeudmM SoKE45QXsoaznW8+ObE+oRM4108qpEDZb6IuWTAO7hFu4hyctvAw6LcAU718gu43 AW8D2RrSGQaKoE75ah+PblopkjjoQxj1ycg0lgbt5h37DiNuP7flN5VSz/vahbkg Z27L/PWRipmblfp2fsoHWJjNBCgd8fcfbdRifPD/gMSs23de/FAGUu6liMNdaqU= =Qy97 -----END PGP SIGNATURE----- |
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
