Hi all.
Squid has a strange behavior: suddenly, it stops writing the log files (access.log and cache.log), and for about 30 seconds clients cannot access the cache. Because my proxy is using AD auth, I checked the link between them and
it is OK. During the time squid "is down", the number of ext_wbinfo_group_acl processes starts growing until Squid operates normally again. My squid box has 4GB of RAM and enough disk space to store the cache.
Here is my squid.conf:
# Port on which Squid accepts client proxy requests.
http_port 3128
############################################################################
# Administrative Parameters
############################################################################
# NOTE(review): visible_hostname is set a second time in the "Other Options"
# section (to "proxy"); keep a single definition so it is clear which name is
# meant to be used.
visible_hostname Proxy-cache
cache_mgr proxy@xxxxxxxxx
# Account Squid switches to after start-up when it is launched as root.
cache_effective_user proxy
# Spanish-language error pages with a locally supplied stylesheet.
error_directory /usr/share/squid3/errors/es
err_page_stylesheet /etc/squid3/style.css
############################################################################
#******************************Ports*************************************#
############################################################################
# The manager, all and localhost ACL definitions are commented out here.
# NOTE(review): Squid 3.2 and later predefine these names; confirm the running
# version, because the http_access lines at the end of this section still use
# "manager" and "all".
#acl manager proto cache_object
#acl all src 0.0.0.0/0.0.0.0
#acl localhost src 127.0.0.1/32
# Destination ports: SSL_ports is used for CONNECT, Safe_ports for everything.
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70 #gopher
acl Safe_ports port 210 #wais
acl Safe_ports port 280 #http-mgmt
acl Safe_ports port 488 #gss-http
acl Safe_ports port 591 #filemaker
acl Safe_ports port 8080
acl Safe_ports port 2481
acl Safe_ports port 20010
acl Safe_ports port 777 #multiling http
#acl purge method PURGE
acl CONNECT method CONNECT
# NOTE(review): the three *_uses_indirect_client options only change behaviour
# for requests whose X-Forwarded-For header is trusted through
# follow_x_forwarded_for, which this file does not set - confirm they are needed.
acl_uses_indirect_client on
delay_pool_uses_indirect_client on
log_uses_indirect_client on
# NOTE(review): "allow manager all" matches cache-manager requests from any
# source address, and it sits above the authentication rules, so the
# "deny manager" line that follows can never match. The usual form limits the
# allow to the proxy host itself: "http_access allow localhost manager".
http_access allow manager all
http_access deny manager
############################################################################
#*******************HELPERS AD**************************#
############################################################################
# NTLM authentication through Samba's ntlm_auth helper: up to 300 helper
# processes, 100 started with Squid, 50 kept idle.
# NOTE(review): NTLM is a legacy scheme; where the domain allows it,
# Negotiate/Kerberos is the usual replacement - confirm against the clients in use.
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --DOMAIN=DOMAIN
auth_param ntlm children 300 startup=100 idle=50
auth_param ntlm keep_alive off
# Basic authentication as a second scheme, validated by the same ntlm_auth binary.
# NOTE(review): Basic sends the user's domain password merely base64-encoded on
# the client-to-proxy connection, and http_port 3128 above is plain HTTP.
# Offer Basic only if some clients cannot do NTLM/Negotiate.
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 50 startup=20 idle=10
auth_param basic realm proxy
# Validated Basic credentials are reused for 2 hours before the helper is asked again.
auth_param basic credentialsttl 2 hours
###########################################################################
#****************************ACL******************************************#
###########################################################################
# AD group-membership lookup through ext_wbinfo_group_acl, keyed on the
# authenticated user name (%LOGIN). Results are cached for 10 seconds (ttl=10);
# up to 300 helper processes, 100 at start-up, 150 kept idle.
# NOTE(review): with a 10-second ttl an active user causes a new group lookup
# several times a minute. The growth in ext_wbinfo_group_acl processes described
# in the post is consistent with lookups queuing behind a slow winbind/AD
# answer - presumably; confirm with the helper statistics and cache.log.
# Group membership changes rarely, so a longer ttl is normally acceptable.
external_acl_type Grupos_AD ttl=10 children-max=300 children-startup=100 children-idle=150 ipv4 %LOGIN /usr/lib/squid3/ext_wbinfo_group_acl
# Matches users who are members of the AD group Users_proxy.
acl proxy external Grupos_AD Users_proxy
############################################################################
#*****************************Rules***************************************#
############################################################################
# http_access rules are evaluated top to bottom and the first match decides.
acl auth proxy_auth REQUIRED
http_access deny !auth
# NOTE(review): this allow comes before the Safe_ports and CONNECT checks, so
# members of Users_proxy are never subject to the port restrictions, and every
# other user ends at "deny all" anyway. As ordered, the two port rules do not
# change who is allowed. The stock layout puts "deny !Safe_ports" and
# "deny CONNECT !SSL_ports" above any allow rule.
http_access allow proxy all
http_access deny !Safe_ports
# NOTE(review): the ACL is defined as SSL_ports; confirm that the different
# capitalisation used here resolves to the same ACL.
http_access deny CONNECT !SSL_PORTS
#http_access allow redlocal
http_access deny all
############################################################################
#*************************Log********************************#
############################################################################
# Access-log line layout; %un records the authenticated user name and %ru the
# requested URL.
# NOTE(review): "squid" is also the name of Squid's built-in native format -
# confirm that redefining it under the same name is intended.
logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
cache_access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
# 0 = Squid keeps no numbered copies itself; rotation is left to an external tool.
logfile_rotate 0
# Log output is written without buffering.
buffered_logs off
############################################################################
#******************Cache and memory***************************#
############################################################################
# Disk cache: aufs store of 30000 MB with 16 first-level and 256 second-level
# directories.
cache_dir aufs /var/spool/squid3 30000 16 256
# NOTE(review): cache_mem covers only the in-memory object cache, not Squid's
# whole footprint. The post states the box has 4 GB of RAM, and this file also
# allows up to 300 NTLM helpers and 300 group-lookup helpers - check whether
# the machine swaps during the stalls.
cache_mem 1536 MB
# Disk-cache replacement starts at 80% full and becomes aggressive at 95%.
cache_swap_low 80
cache_swap_high 95
maximum_object_size_in_memory 1024 KB
memory_cache_mode always
maximum_object_size 200 MB
minimum_object_size 0 KB
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_store_log none
log_icp_queries off
redirect_rewrites_host_header off
fqdncache_size 51200
############################################################################
# Refresh Pattern Options
############################################################################
# Format: refresh_pattern [-i] regex min percent max [options]
# min and max are in minutes; the first pattern that matches a URL is used.
# None of the rules below carries an override option, so they apply to
# responses that do not state their own expiry.
# NOTE(review): several later rules repeat extensions that an earlier rule
# already catches (swf/wav, js/css, "index.html"), so those entries are never
# reached.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200 90% 432000
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 43200 90% 43200
refresh_pattern -i \.(html|htm|css|js|xhtml)$ 9440 90% 43200
refresh_pattern -i \.index.(html|htm)$ 0 40% 10080
refresh_pattern -i \.(xml|flow)$ 0 90% 100000
refresh_pattern -i \.(json)$ 1440 90% 5760
# NOTE(review): this list includes "crl". A certificate revocation list served
# without explicit expiry would be treated as fresh for 43200 minutes (30 days),
# so clients behind the proxy could keep seeing outdated revocation data.
# Consider removing crl from the list. The same rule keeps installers and
# packages (exe, dll, deb, rpm, apk) for the same period.
refresh_pattern -i \.(bin|deb|rpm|drpm|exe|zip|tar|tgz|bz2|ipa|bz|ram|rar|bin|uxx|gz|crl|dll|hz|apk|wtex|hz|tiff)$ 43200 90% 43200
refresh_pattern -i \.(swf|js|wav|css|class|dat|zsci|do|ver|advcs|woff|eps|ttf|svg|svgz|ps|acsm|wm(a|v))$ 43200 90% 43200
#facebook
# NOTE(review): these patterns are regular expressions, not shell globs:
# "https://*" means "https:/" followed by zero or more "/" characters, and an
# unescaped "." matches any character. In addition, HTTPS normally reaches the
# proxy as a CONNECT tunnel and this file configures no TLS interception, so
# the ^https:// rules presumably never match anything - confirm.
refresh_pattern ^https://*.facebook.com/* 14400 100% 4320
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3) 14400 80% 10800
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 14400 80% 10800
refresh_pattern fbcdn\.net.*\.(jpg|jpeg|gif|png|ico|mp3|flv) 14400 80% 20080
refresh_pattern static\.ak\.fbcdn\.net.*\.(jpg|jpeg|gif|png|ico|mp3|flv) 14400 80% 20080
#others
refresh_pattern ^https://*.yahoo.*/.* 720 100% 4320
refresh_pattern ^https://*.gmail.*/.* 720 100% 4320
refresh_pattern ^https://*.google.*/.* 720 100% 4320
refresh_pattern ^https://*.googlesyndication.*/.* 720 100% 4320
refresh_pattern ^http://*.mercadolibre.*/.* 720 100% 4320
refresh_pattern youtube.*videoplay 14400 90% 24400
refresh_pattern youtube.*get_video 14400 90% 24400
refresh_pattern google.*videoplay 14400 90% 24400
refresh_pattern googlevideo.*get_video 14400 90% 24400
refresh_pattern -i ^https?:\/\/.*(gstatic\.com.*).* 1440 99% 14400
refresh_pattern -i ^https:\/\/.*googleapis\.com\/.*\.*\/v2\/code\.google\.com\/.*\.* 10080 80% 43200
# NOTE(review): keeps Safe Browsing responses for a minimum of 10080 minutes
# (7 days) when they carry no expiry of their own. Stale copies would delay
# updated threat lists reaching browsers - confirm this rule is wanted.
refresh_pattern ^.*safebrowsing.*google 10080 80% 10080
refresh_pattern -i gstatic.*/.* 14400 80% 10080
refresh_pattern ytimg\.com\/.*\.(jpg|jpeg|gif|png|ico|mp3|flv|mp4) 14400 90% 24400
refresh_pattern (mt|kh|pap).*\.google\.com 14400 90% 24400
refresh_pattern (mt|kh|pap).*\.googleapis\.com 14400 90% 24400
refresh_pattern s\d+\.dotua\.org\/fsua_items.*\.(jpg|jpeg|gif|png|ico|mp3|flv|mp4) 14400 90% 24400
refresh_pattern .*static\.video\.yandex\.ru\/swf\/.*&r=.* 14400 90% 24400
refresh_pattern vec.*\.maps\.yandex\.net\/tiles\? 14400 90% 20080
refresh_pattern static.*\.maps\.yandex\. 14400 90% 20080
refresh_pattern pvec.*\.maps\.yandex\.net 14400 90% 20080
refresh_pattern lrs\.maps\.yandex\.net\/tiles\? 14400 90% 20080
refresh_pattern yandex\.st\/.*(jpg|jpeg|gif|png|ico|mp3|flv|mp4) 14400 90% 20080
refresh_pattern static\.video\.yandex\.net\/.*(jpg|jpeg|gif|png|ico|mp3|flv|mp4).* 14400 90% 20080
refresh_pattern -i \.*(.*(maps)).* 1440 99% 14400
#refresh_pattern -i (yimg|twimg)\.com\.* 1440 100%
#refresh_pattern -i (ytimg|ggpht)\.com\.* 1440 80% 129600
refresh_pattern -i (photobucket|pbsrc|flickr|yimg|ytimg|twimg|gravatar|ggpht)\.com.*\.(jp(e?g|e|2)|gif|png|tiff?|bmp|swf|mp(4|3)) 14400 99% 14400
refresh_pattern \.(ico|video-stats) 1440 99% 14400
refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 1440 99% 14400
refresh_pattern -i \.disquscdn.\* 14400 90% 20080
#cache microsoft and adobe and other documents
refresh_pattern -i \.(ppt|pptx|doc|docx|docm|docb|dot|pdf|pub|ps)$ 100000 90% 200000 refresh-ims
refresh_pattern -i \.(xls|xlsx|xlt|xlm|xlsm|xltm|xlw|csv|txt)$ 100000 90% 200000 refresh-ims
#refresh_pattern -i windowsupdate.com/.*\.(cab|exe|msi|msu|msf|asf|wma|wmv)|dat|zip)$ 4320 80% 43200
refresh_pattern -i (.+\.||)microsoft.com/.*\.(cab|exe|dll|ms[i|u|f]|asf|wm[v|a]|dat|zip|iso|psf) 10080 100% 172800 refresh-ims
refresh_pattern -i (.+\.||)windowsupdate.com/.*\.(cab|exe|dll|ms[i|u|f]|asf|wm[v|a]|dat|zip|iso|psf) 10080 100% 172800 refresh-ims
#refresh_pattern ([^.]+.)?(download|(windows)?update).(microsoft.)?com/.*.(cab|exe|msi|msp|psf|wma|wmv|msu|msf|dat|zip) 10080 100% 43200 refresh-ims
# Catch-all for every URL not matched above.
refresh_pattern . 0 40% 40320
###########################################################################
# Other Options
###########################################################################
quick_abort_min 1024 KB
quick_abort_max 2048 KB
quick_abort_pct 90
memory_pools off
memory_pools_limit 0
ignore_unknown_nameservers on
#negative_ttl 10
# 0 = no limit on the size of request bodies (uploads) accepted from clients.
request_body_max_size 0 KB
forward_timeout 4 minutes
# Do not reveal the client address upstream: forwarded_for off replaces it with
# "unknown", and the request_header_access rule drops the header altogether.
forwarded_for off
request_header_access X-Forwarded-For deny all
read_timeout 2 minutes
request_timeout 2 minutes
client_lifetime 1 day
half_closed_clients off
shutdown_lifetime 2 second
ipcache_size 51200
ipcache_low 90
ipcache_high 95
# ICP and HTCP cache-peering protocols are switched off and denied.
icp_port 0
htcp_port 0
icp_access deny all
htcp_access deny all
# NOTE(review): second visible_hostname in this file; the administrative
# section at the top sets "Proxy-cache". Keep only one.
visible_hostname proxy
client_db on
pinger_enable off
# Query strings are removed from URLs before they are written to the access log.
strip_query_terms on
# Section 28 is access control and level 9 is the most verbose setting;
# section 33 (client-side routines) is at level 2, everything else at 1.
# NOTE(review): 28,9 writes a detailed trace of every ACL check to cache.log,
# which on a busy proxy with unbuffered logging means heavy log I/O per
# request. It is a short-term troubleshooting setting and worth ruling out as a
# contributor to the stalls described in the post. Traces at this level can
# include user names and requested URLs, so restrict access to cache.log while
# it is enabled and return to "ALL,1" afterwards.
debug_options ALL,1 33,2 28,9
coredump_dir /var/spool/squid3
read_ahead_gap 1 MB
forward_max_tries 25
###########################################################################
# DNS and FTP options
###########################################################################
ftp_passive on
# NOTE(review): with the sanity check off, Squid no longer verifies that an FTP
# data connection goes to the same server address as the control connection.
# Leave the check on unless a specific FTP server needs it disabled.
ftp_sanitycheck off
ftp_telnet_protocol off
# Upper bound on how long a successful DNS answer is cached.
positive_dns_ttl 6 hours
dns_v4_first on
# NOTE(review): a lookup may wait up to 2 minutes before it is given up -
# confirm the resolvers answer promptly while the proxy is stalled.
dns_timeout 2 minutes
# Failed lookups are remembered for 300 seconds.
negative_dns_ttl 300 seconds
Thanks!
--
@verovan