Squid and Hard Drive caching problem!

acidrain

acidrain

Executive Member
Joined
Jan 7, 2007
Messages
6,966
Reaction score
1,765
Location
At a computer
Hi guys,

I currently have a problem trying to setup disk caching on my squid server. Whenever i enable disk caching the proxy suddenly denies all access and I can't seem to figure out why, disk cache settings seen below.

Code: 
cache_replacement_policy lru

cache_dir ufs /var/spool/squid 26666 20 256

If i comment those two lines, the proxy once again allows access. My access list is as follows:

Code: 
http_access allow localhost
http_access allow password goodsites

# And finally deny all other access to this proxy
http_access deny all

Any help with setting this help would be much appreciated. I think by default there is caching up to 100MB but this is a bit small.

Thanks
 
What happens when you comment out cache_replacement_policy and cache_dir? lru is default, so is ufs, but with 100mb, 16 and 256.
 
If I comment them out and try browse I get the error 'the proxy is refusing connections'.

I then go back into the conf file, comment the two and browsing works again.

Obviously squid is not liking something or I'm missing a setting.
 
well, its either the perms on your cache_dir, or you haven't defined an acl that would allow you to use the proxy, so check the perms, should be proxy:proxy on
a debian box and probably squid:squid on everything else.

still got a problem dump your squid.conf here
 
LOL...welcome to the MyBB forums, unixlaaitjie.

Now what do you want to be a Unix drawer?? I think you wanted to be "unixlaaitie". :p
 
I've commented the disk caching again, but these are my current settings and proxy is working

Code: 
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
acl password proxy_auth REQUIRED                                         
acl badsites dstdomain "/usr/local/etc/blocked-sites.squid"              
acl goodsites dstdomain "/usr/local/etc/allowed-sites.squid"             
acl all src all                                                          
acl manager proto cache_object                                           
acl localhost src 127.0.0.1/32                                           
acl to_localhost dst 127.0.0.0/8                                         
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network      
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network      
acl toady src 172.18.44.96/28                                            
acl marais src 172.18.76.0/29                                            
acl SSL_ports port 443          # https                                  
acl SSL_ports port 563          # snews                                  
acl SSL_ports port 873          # rsync                                  
acl Safe_ports port 80          # http                                   
acl Safe_ports port 21          # ftp                                    
acl Safe_ports port 443         # https                                  
acl Safe_ports port 70          # gopher                                 
acl Safe_ports port 210         # wais                                   
acl Safe_ports port 1025-65535  # unregistered ports                     
acl Safe_ports port 280         # http-mgmt                              
acl Safe_ports port 488         # gss-http                               
acl Safe_ports port 591         # filemaker                              
acl Safe_ports port 777         # multiling http                         
acl Safe_ports port 631         # cups                                   
acl Safe_ports port 873         # rsync
acl Safe_ports port 901         # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow marais
http_access allow password goodsites
http_access deny password badsites
http_access deny all
icp_access allow localnet
icp_access deny all
http_port 6886
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern (Release|Package(.gz)*)$        0       20%     2880
refresh_pattern .               0       20%     4320
acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]
upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
visible_hostname Toady-Home
hosts_file /etc/hosts
coredump_dir /var/spool/squid

As for perms, I did chmod the /var/spool/squid folder as seen below, i assume these permissions should be sufficient

drwsrwsrwt 18 proxy proxy 4096 2010-08-09 07:55 squid
Click to expand...
 
Last edited:
Just as a test try and set the cache_dir parameter to the following.
cache_dir ufs /var/spool/squid 100 16 256 (default settings)
Once you start squid go to /var/spool/squid and see if you have a listing similar to
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F swap.state
Also tail your log file to see if there is any errors when you start squid.
 
If you stop squid, delete everything under /var/spool/squid/, you can run squid -z to re-create the spool, and start squid again. This will ensure your disc cache is fine.
 
Seems to work now. I think it didn't like me changing the L1 without changing the L2 aswell. Kept them at default and just set the cache size to 26GB
 
koffiejunkie said:
If you stop squid, delete everything under /var/spool/squid/, you can run squid -z to re-create the spool, and start squid again. This will ensure your disc cache is fine.
Click to expand...

Should I still follow this since my cache size has changed
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X