nixCraft
Linux / UNIX Tech Support Forum
Squid with squidGuard - Server Creates more processes for squidGuard & then hangs
This is a discussion on Squid with squidGuard - Server Creates more processes for squidGuard & then hangs within the Proxy Servers forums, part of the Mastering Servers category; I have HP Compaq Proliant ML350 server having 1 GB RAM 80GB HDD. On this server i have installed RHEL ...
|
|||||||
| Proxy Servers Discussion about UNIX / Linux caching proxy servers, web proxy, reverse / content filtering proxy server. |
 |
|
|
LinkBack | Thread Tools | Display Modes |
23-09-2008, 04:04 PM
|
|||
|
|||
Squid with squidGuard - Server Creates more processes for squidGuard & then hangs
I have HP Compaq Proliant ML350 server having 1 GB RAM 80GB HDD. On this server i have installed RHEL 4 (Nahant). The output of "uname -a" is "Linux Metro 2.6.9-5.ELsmp #1 SMP Wed Jan 5 19:30:39 EST 2005 i686 i686 i386 GNU/Linux".
I am trying to install squid with squidGuard. The version of squid is "squid-2.5.STABLE6-3" and the squidGuard version is : "squidGuard-1.3". I wanted to authenticate the proxy users thru. pam_auth. Kindly have a look at the attached squid.conf & squidGuard.conf and the /etc/pam.d/squid files. The /etc/squid/squid.conf file looks as under : http_port 172.16.4.4:3128 https_port 172.16.4.4:3128 cert=/etc/squid/cacert.pem key=/etc/squid/privkey.pem hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 2 MB auth_param basic program /usr/lib/squid/pam_auth auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours #auth_param basic casesensitive on refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 quick_abort_min 0 KB quick_abort_max 0 KB acl pam proxy_auth REQUIRED acl password proxy_auth REQUIRED #acl fileupload req_mime_type -i ^multipart/form-data$ #acl javascript rep_mime_type -i ^application/x-javascript$ # #Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT #Recommended minimum configuration: # # Only allow cachemgr access from localhost http_access allow manager localhost pam http_access deny manager # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports # And finally deny all other access to this proxy http_access allow localhost http_access allow password http_access deny all http_reply_access allow all icp_access allow all visible_hostname jagdish@172.16.4.4 httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on coredump_dir /var/spool/squid redirect_program /usr/local/bin/squidGuard -c /usr/local/squidGuard/squidGuard.conf THE /usr/local/squidGuard/squidGuard.conf file looks as under : # # CONFIG FILE FOR SQUIDGUARD # dbhome /usr/local/squidGuard/db logdir /usr/local/squidGuard/log dest porn{ domainlist BL/porn/domains urllist BL/porn/urls redirect Forward to login # redirect http://[redirectedwebsite]/ } acl { default { pass !porn all redirect Forward to login #redirect http://[redirectedwebsite]/ } } THE /etc/pam.d/squid file looks as under : #%PAM-1.0 #auth required pam_stack.so service=system-auth #account required pam_stack.so service=system-auth auth required /lib/security/pam_unix.so account required /lib/security/pam_unix.so session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 The authentication is working. Just after, 5 minutes,starting the squid the machine gets hangs. At this time , i have checked the processes. There are more than 100 processes of "squidGuard -c /usr/local/squidGuard/squidGuard.conf". This should not happen. I think due to this only the proxy server is hanging, but not sure. The output of 'top' command is as follows : Here kindly note the %CPU column. Tasks: 141 total, 31 running, 110 sleeping, 0 stopped, 0 zombie Cpu(s): 98.2% us, 1.3% sy, 0.0% ni, 0.0% id, 0.0% wa, 0.0% hi, 0.5% si Mem: 1034740k total, 613784k used, 420956k free, 40392k buffers Swap: 2008116k total, 0k used, 2008116k free, 308268k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 3680 squid 19 0 3924 1096 916 R 19.4 0.1 0:00.60 squidGuard 3678 squid 19 0 2824 1052 896 R 13.6 0.1 0:00.42 squidGuard 3668 squid 19 0 3724 1128 916 R 11.3 0.1 0:01.90 squidGuard 3669 squid 19 0 4296 1132 916 R 10.7 0.1 0:01.89 squidGuard 3667 squid 20 0 4396 1132 916 R 9.7 0.1 0:01.90 squidGuard 3681 squid 19 0 4200 1056 896 R 9.4 0.1 0:00.29 squidGuard 3682 squid 19 0 4100 1056 896 R 9.4 0.1 0:00.29 squidGuard 3679 squid 19 0 4376 1052 896 R 6.8 0.1 0:00.21 squidGuard 3630 squid 25 0 3956 1344 920 R 6.5 0.1 0:16.59 squidGuard 3631 squid 25 0 3760 1340 920 R 6.5 0.1 0:13.89 squidGuard 3644 squid 25 0 3524 1344 920 R 6.5 0.1 0:14.01 squidGuard 3645 squid 25 0 4504 1340 920 R 6.5 0.1 0:14.80 squidGuard 3647 squid 25 0 3196 1340 920 R 6.5 0.1 0:15.29 squidGuard 3653 squid 25 0 4416 1340 920 R 6.5 0.1 0:11.49 squidGuard 3654 squid 25 0 3356 1328 916 R 6.5 0.1 0:10.79 squidGuard 3655 squid 25 0 3300 1340 916 R 6.5 0.1 0:11.04 squidGuard 3657 squid 25 0 3060 1324 916 R 6.5 0.1 0:10.10 squidGuard 3613 squid 25 0 3308 1340 920 R 4.5 0.1 0:36.97 squidGuard 2529 root 15 0 41948 34m 6240 S 4.2 3.4 6:32.54 X 3632 squid 25 0 3332 1344 920 R 4.2 0.1 0:14.82 squidGuard 3628 squid 25 0 4420 1344 920 R 3.9 0.1 0:30.10 squidGuard 3646 squid 25 0 3488 1340 920 R 3.9 0.1 0:14.09 squidGuard 3615 squid 25 0 4360 1340 920 R 3.6 0.1 0:35.40 squidGuard 3617 squid 25 0 3732 1344 920 R 3.6 0.1 0:37.19 squidGuard 3614 squid 25 0 3196 1344 920 R 3.2 0.1 0:35.80 squidGuard 3629 squid 25 0 3136 1340 920 R 3.2 0.1 0:19.39 squidGuard 3643 squid 25 0 4188 1344 920 R 3.2 0.1 0:14.93 squidGuard 3656 squid 25 0 3596 1332 916 R 3.2 0.1 0:10.61 squidGuard 3666 squid 25 0 4408 1148 916 R 3.2 0.1 0:02.92 squidGuard 3616 squid 25 0 4668 1344 920 R 2.9 0.1 0:34.58 squidGuard 2900 root 15 0 295m 99m 20m S 1.0 9.8 10:49.16 firefox-bin 3100 root 15 0 38612 15m 8952 S 0.6 1.6 0:28.08 gnome-terminal The output of "ps -ef | grep squid" is as follows : root 3609 1 0 15:30 ? 00:00:00 squid -D squid 3613 1 21 15:30 ? 00:00:28 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3614 1 20 15:30 ? 00:00:27 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3615 1 20 15:30 ? 00:00:27 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3616 1 19 15:30 ? 00:00:25 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3617 1 21 15:30 ? 00:00:28 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3628 1 18 15:30 ? 00:00:21 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3629 1 9 15:30 ? 00:00:11 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3630 1 7 15:30 ? 00:00:08 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3631 1 5 15:30 ? 00:00:05 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3632 1 5 15:30 ? 00:00:06 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3643 1 10 15:31 ? 00:00:06 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3644 1 10 15:31 ? 00:00:05 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3645 1 11 15:31 ? 00:00:06 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3646 1 10 15:31 ? 00:00:06 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3647 1 11 15:31 ? 00:00:06 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3652 3609 0 15:32 ? 00:00:00 (squid) -D squid 3653 3652 8 15:32 ? 00:00:03 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3654 3652 6 15:32 ? 00:00:02 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3655 3652 6 15:32 ? 00:00:02 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3656 3652 5 15:32 ? 00:00:02 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3657 3652 5 15:32 ? 00:00:02 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3663 3652 0 15:32 ? 00:00:00 (unlinkd) squid 3666 3652 8 15:32 ? 00:00:00 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3667 3652 10 15:32 ? 00:00:00 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3668 3652 6 15:32 ? 00:00:00 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3669 3652 15 15:32 ? 00:00:00 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf squid 3670 3652 8 15:32 ? 00:00:00 (squidGuard) -c / Also for https sites it gives throws errors. Kindly guide me in this regard to setup a proper proxy. - JAGDISH. 
|
| Sponsored Links | ||
|
|
|
| Tags |
| pam_auth , squid , squidguard |
«
-
|
Proxy server logs
»
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) |
|
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| SuSe hangs on shutdown | lacloai | Linux software | 6 | 13-10-2008 05:14 AM |
| Detect finished/started processes | mrli | Shell scripting | 2 | 14-09-2008 01:07 PM |
| expect script hangs | antzjos | Shell scripting | 0 | 22-05-2008 06:37 PM |
| script hangs when a remote server is down | vikas027 | Shell scripting | 2 | 11-11-2007 03:47 PM |
| Unable to unmount a filesystem because of zombie processes | toor | Linux software | 2 | 28-06-2006 12:13 PM |
All times are GMT +5.5. The time now is 07:37 AM.
