On Wednesday 29 July 2020 14:50:11 Amos Jeffries wrote: > On 29/07/20 1:07 pm, Contato - KONNTROL wrote: > > Hello Everyone, > > Greetings. > > > > Background: > > OS - FreeBSD 12.1 > > SQUID ver 4.10 > > OpenSSL 1.0.2u > > > > I am trying to use SQUID in front of E2Guardian (content filter) with the > > following configuration at the SQUID side. > > > > ### > > cache_peer 127.0.0.1 parent 8080 0 login=*:password > > client_persistent_connections on > > always_direct deny all > > never_direct allow all > > ### > > > > It works fine till the point SQUID exhausts all E2Guardian > > threads/workers, no matter the amount you set. If 1000, SQUID is opening > > 1000 connections. If 10.000, squid also opens 10.000 connections. > > I tried the directive "client_persistent_connections on and off" with no > > success. > > Even using a single browser for testing purposes, for some reason SQUID > > opens thousands of connections against the E2guardian. > > I did a wireshark capture to "see" what is happening and it seems like a > > lot of ACK/SYN with no payload. > > > > Any idea? Maybe I am using a wrong configuration. > > You are. BUT, I think you have a forwarding loop happening so the > correct config for limiting connections will not help. > > You should be able to test for loops by enabling the Via header. If your > squid.conf contains "via off" remove that line. Assuming e2g is not > removing that header Squid will reject loops with an error message. Setting an other "visible_hostname" may also help. Klaus --- genua GmbH Domagkstrasse 7, 85551 Kirchheim bei Muenchen tel +49 89 991950-0, fax -999, www.genua.de Geschaeftsfuehrer: Matthias Ochs, Marc Tesch Amtsgericht Muenchen HRB 98238 genua ist ein Unternehmen der Bundesdruckerei-Gruppe. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
