紧急,SUIQD+IPTABLES问题求助.恳请各位大大帮助

milanman · 发表于 2004-6-9 08:33:46

小弟紧急求助!!!偶在单位做的代理,用SQUID+IPTABLES实现.运行了一段时间有出现问题.现在只有机器重新启动后一小段时间内可以代理,大概半个小时以后就不能用SQUID的代理了,但是NAT还可以用.而且在代理上也不能访问INTERNET了.新手,新人(刚接触LINUX不久),分析了CACHE.LOG,没发现其他问题.

先帖出我的SQUID的配置文件.望GGJJ们给我看看,有什么问题请指教了.谢谢.
http_port 8080
icp_port 3130
udp_incoming_address 0.0.0.0
udp_outgoing_address 255.255.255.255
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 80 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
cache_dir ufs /var/spool/squid 100 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
dns_nameservers 211.136.18.171 210.52.207.2
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl allow_ip2 src 10.139.0.0/255.255.0.0
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow allow_ip2
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
coredump_dir /var/spool/squid

gugong · 发表于 2004-6-9 09:56:51

而且在代理上也不能访问INTERNET了？？？？

milanman · 发表于 2004-6-9 09:58:54

是的,全都不能用了,只有NAT的还可以用.请指教了

gugong · 发表于 2004-6-9 10:05:22

上网线路的问题？

milanman · 发表于 2004-6-9 10:18:43

线路没有问题,只要机器重新启动后就可以用(单独起SQUID不行).我已经按照置顶的帖子里的设置重新设置了SQUID,还是一样,过大概半个小时就没用了.我看了CACHE.LOG,没有发现其他的问题.
贴一点出来,请帮忙看一下.
2004/06/09 09:27:50| Preparing for shutdown after 27915 requests
2004/06/09 09:27:50| Waiting 30 seconds for active connections to finish
2004/06/09 09:27:50| FD 10 Closing HTTP connection
2004/06/09 09:28:21| Shutting down...
2004/06/09 09:28:21| FD 11 Closing ICP connection
2004/06/09 09:28:21| WARNING: Closing client 10.139.153.46 connection due to lifetime timeout
2004/06/09 09:28:21| Closing unlinkd pipe on FD 9
2004/06/09 09:28:21| storeDirWriteCleanLogs: Starting...
2004/06/09 09:28:21| Finished.  Wrote 7048 entries.
2004/06/09 09:28:21| Took 0.0 seconds (246183.9 entries/sec).
CPU Usage: 66.040 seconds = 28.500 user + 37.540 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 719
Memory usage for squid via mallinfo():
total space in arena: 33972 KB
Ordinary blocks:       32752 KB 354 blks
Small blocks:             0 KB    5 blks
Holding blocks:          200 KB    1 blks
Free Small blocks:       0 KB
Free Ordinary blocks: 1219 KB
Total in use:          32952 KB 97%
Total free:             1219 KB 4%
2004/06/09 09:28:21| Squid Cache (Version 2.5.STABLE1): Exiting normally.
2004/06/09 09:28:22| Starting Squid Cache version 2.5.STABLE1 for i386-redhat-linux-gnu...
2004/06/09 09:28:22| Process ID 2339
2004/06/09 09:28:22| With 1024 file descriptors available
2004/06/09 09:28:22| DNS Socket created at 0.0.0.0, port 32804, FD 5
2004/06/09 09:28:22| Adding nameserver 211.136.18.171 from squid.conf
2004/06/09 09:28:22| Adding nameserver 210.52.207.2 from squid.conf
2004/06/09 09:28:22| errorTryLoadText: '/usr/share/squid/errors/ERR_READ_TIMEOUT': (2) No such file or directory
2004/06/09 09:28:22|  errorTryLoadText: '/usr/share/squid/errors/ERR_FTP_NOT_FOUND': (2) No such file or directory
2004/06/09 09:28:22| Unlinkd pipe opened on FD 9
2004/06/09 09:28:22| Swap maxSize 102400 KB, estimated 7876 objects
2004/06/09 09:28:22| Target number of buckets: 393
2004/06/09 09:28:22| Using 8192 Store buckets
2004/06/09 09:28:22| Max Mem  size: 49152 KB
2004/06/09 09:28:22| Max Swap size: 102400 KB
2004/06/09 09:28:22| Store logging disabled
2004/06/09 09:28:22| Rebuilding storage in /var/spool/squid (CLEAN)
2004/06/09 09:28:22| Using Least Load store dir selection
2004/06/09 09:28:22| Set Current Directory to /var/spool/squid
2004/06/09 09:28:22| Loaded Icons.
2004/06/09 09:28:22| Accepting HTTP connections at 0.0.0.0, port 8080, FD 10.
2004/06/09 09:28:22| Accepting ICP messages at 0.0.0.0, port 3130, FD 11.
2004/06/09 09:28:22| WCCP Disabled.
2004/06/09 09:28:22| Ready to serve requests.
2004/06/09 09:28:22| Store rebuilding is 58.1% complete
2004/06/09 09:28:22| Done reading /var/spool/squid swaplog (7048 entries)
2004/06/09 09:28:22| Finished rebuilding storage from disk.
2004/06/09 09:28:22|    7048 Entries scanned
2004/06/09 09:28:22|       0 Invalid entries.
2004/06/09 09:28:22|       0 With invalid flags.
2004/06/09 09:28:22|    7048 Objects loaded.
2004/06/09 09:28:22|       0 Objects expired.
2004/06/09 09:28:22|       0 Objects cancelled.
2004/06/09 09:28:22|       0 Duplicate URLs purged.
2004/06/09 09:28:22|       0 Swapfile clashes avoided.
2004/06/09 09:28:22| Took 0.4 seconds (16799.9 objects/sec).
2004/06/09 09:28:22| Beginning Validation Procedure
2004/06/09 09:28:22| Completed Validation Procedure
2004/06/09 09:28:22| Validated 7048 Entries
2004/06/09 09:28:22| store_swap_size = 91948k
2004/06/09 09:28:23| storeLateRelease: released 0 objects
2004/06/09 09:29:30| Preparing for shutdown after 48 requests
2004/06/09 09:29:30| Waiting 30 seconds for active connections to finish
2004/06/09 09:29:30| FD 10 Closing HTTP connection
2004/06/09 09:32:42| Starting Squid Cache version 2.5.STABLE1 for i386-redhat-linux-gnu...
2004/06/09 09:32:42| Process ID 1439
2004/06/09 09:32:42| With 1024 file descriptors available
2004/06/09 09:32:42| DNS Socket created at 0.0.0.0, port 32769, FD 5
2004/06/09 09:32:42| Adding nameserver 211.136.18.171 from squid.conf
2004/06/09 09:32:42| Adding nameserver 210.52.207.2 from squid.conf
2004/06/09 09:32:42| errorTryLoadText: '/usr/share/squid/errors/ERR_READ_TIMEOUT': (2) No such file or directory
2004/06/09 09:32:42| errorTryLoadText: '/usr/share/squid/errors/ERR_LIFETIME_EXP': (2) No such file or directory

milanman · 发表于 2004-6-9 10:58:37

看了最近一次的LOG,发现了下面的错误信息
2004/06/09 10:35:43| clientReadRequest: FD 49 Invalid Request
2004/06/09 10:35:44| WARNING: 1 swapin MD5 mismatches
2004/06/09 10:35:45| WARNING: Disk space over limit: 124504 KB > 102400 KB
2004/06/09 10:35:56| WARNING: Disk space over limit: 109080 KB > 102400 KB
[root@jhpost squid]# WARNING: 1 swapin MD5 mismatches
是空间不足引起的问题吗?

		自动登录	找回密码
密码			注册