Squid 2.6.21 package (1.2.1 RC1 aug 15) Bugs and fixes!

Tikimotel · Aug 18, 2008, 2:43 PM

Two BUGS I fixed!!!

Fix Squid Icons, FTP webfolder browsing.
open "/usr/local/pkg/squid.inc" and add and change lines.

function squid_resync_nac() {
	global $config, $valid_acls;
##############################################
# ----- added -----
#
       $port = ($settings['proxy_port'] ? $settings['proxy_port'] : 3128);
#
# ----- added -----
##############################################
	$settings = $config['installedpackages']['squidnac']['config'][0];
	$webgui_port = $config['system']['webgui']['port'];

	$conf = << <eod<br># Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
##############################################
# ----- changed ----- added $port for Squid Icons!!!
#
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 $port $webgui_port 1025-65535
#
# ----- changed -----
##############################################
acl sslports port 443 563 $webgui_port
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin \?

EOD;</eod<br>

press "save" in the webconfigurator to generate fixed "squid.conf" and reload squid.
test page to see if Squid shows icons: (open in webbrowser)
ftp://ftp.tex.ac.uk/tex-archive/tools/zip/info-zip

Type-o-bug in XML
open "/usr/local/pkg/squid_cache.xml" and add and change lines.

		 <field><fielddescr>Memory replacement policy</fielddescr>
##############################################
# memory_replacement != memory_replacement_policy in "squid.inc" that is why it didn't stick in "squid.conf"!!!
			<fieldname>memory_replacement_policy</fieldname>
###############################################
			<description>The memory replacement policy determines which objects are purged from memory when space is needed.  The default policy for memory replacement is GDSF.  <p> <b> LRU: Last Recently Used Policy </b> - The LRU policies keep recently referenced objects.  i.e., it replaces the object that has not been accessed for the longest time. <p> <b> Heap GDSF: Greedy-Dual Size Frequency </b> - The Heap GDSF policy optimizes object-hit rate by keeping smaller, popular objects in cache.  It achieves a lower byte hit rate than LFUDA though, since it evicts larger (possibly popular) objects.  <p> <b> Heap LFUDA: Least Frequently Used with Dynamic Aging </b> - The Heap LFUDA policy keeps popular objects in cache regardless of their size and thus optimizes byte hit rate at the expense of hit rate since one large, popular object will prevent many smaller, slightly less popular objects from being cached.  <p> <b> Heap LRU: Last Recently Used </b> - Works like LRU, but uses a heap instead. <p> Note: If using the LFUDA replacement policy, the value of Maximum Object Size should be increased above its default of 12KB to maximize the potential byte hit rate improvement of LFUDA.</description>
			<type>select</type>
			<default_value>heap GDSF</default_value>
			 <options><option><name>LRU</name><value>lru</value></option>
				<option><name>Heap LFUDA</name><value>heap LFUDA</value></option>
				<option><name>Heap GDSF</name><value>heap GDSF</value></option>
				<option><name>Heap LRU</name><value>heap LRU</value></option></options></field> 
		 <field><fielddescr>Cache replacement policy</fielddescr>
##############################################
# cache_replacement != cache_replacement_policy in "squid.inc" that is why it didn't stick too!!! 
			<fieldname>cache_replacement_policy</fieldname>
##############################################
			<description>The cache replacement policy decides which objects will remain in cache and which objects are replaced to create space for the new objects.  The default policy for cache replacement is LFUDA.  Please see the type descriptions specified in the memory replacement policy for additional detail.</description>
			<type>select</type>
			<default_value>heap LFUDA</default_value>
			 <options><option><name>LRU</name><value>lru</value></option>
				<option><name>Heap LFUDA</name><value>heap LFUDA</value></option>
				<option><name>Heap GDSF</name><value>heap GDSF</value></option>
				<option><name>Heap LRU</name><value>heap LRU</value></option></options></field>

press "save" in the webconfigurator to generate fixed "squid.conf" and reload squid.

I hope this gets updated into the package, so not everyone needs to edit these files by hand. ;)

trendchiller · Aug 20, 2008, 8:28 PM

fixed … thanks !

trendchiller · Aug 21, 2008, 9:33 AM

but i do not see any changes with ftp-browsing…
and although i'm familiar with squid i cannot get the point why to add the squid port 3128 th the safe-ports list ?

Tikimotel · Aug 21, 2008, 10:12 AM

Without the squid's own port, you would see empty image boxes.
With the port you are able to download and see the anthony-*.gif icons (but they're text-like in this release.)

trendchiller · Aug 21, 2008, 10:33 AM

ok, thanks…

Tikimotel · Aug 21, 2008, 11:42 AM

Ok you might want to fix the default icon directory too. :-[
I named it inside the squid.conf too, eventhough it's the same as with default for squid. (using squid.inc, below "error_directory")
"icon_directory /usr/local/etc/squid/icons"

( other configs say default is "/usr/local/squid/icons" )
It only works with FF, IE doesn't know what to do with a "localhost:3128" link.

Tikimotel · Aug 21, 2008, 1:17 PM

Ok, I've now got IE and FF working with squid icons!!!
previous pic of FF was direct, no proxy… sorry.

Set "Visible hostname" to your router's name, in my case this is "pfsense".

trendchiller · Aug 21, 2008, 7:06 PM

the icons directory is already fixed…

still no changes to see for me :-[

visible hostname is a dns-alias...

here it does not show the icons you put in the screenshot, neither in ie7 nor in FF :-(

Tikimotel · Aug 21, 2008, 8:03 PM

hmm, I had to empty the local IE and FF caches to get it to work as in the uploaded pics.

If I set hostname back to localhost, my clients with FF and IE won't load the pics.
They can't find it on localhost…(is the clients own machine)
pfsense is what I choose on install as my firewall machinename and it resides in the /etc/hosts file on my firewall.
Furthermore I have dnsmasq (a.k.a DNS forwarder) add leases to the dns forwarder and the static mappings too.

trendchiller · Aug 25, 2008, 11:11 PM

ok,i got it… BUT: if I remove the squid-port from the safe-ports list, it shows me the icons, too...
even after deleting the local cache...
and every manual i looked up never told me to add the squid-port to the safe-port-list...

so i guess i'll removing it... for security reasons...