Squid Proxy very slow

ernie49

Dear all,

I have install pfsense 1.2.2 with Proxy server, Proxy Content filter and Snort. I access the web. But the proxy slow down with webpages with much images. I disabled content filter and delete redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf;redirector_bypass on;redirect_children 3 from proxy server and I get it work.

Here a part of the squid log file:

1239894649.025    737 192.168.1.159 TCP_MISS/302 471 GET http://www.rtl.lu/ - DIRECT/81.92.238.25 text/html
1239894649.077     51 192.168.1.159 TCP_MISS/302 394 GET http://www.rtl.lu/home - DIRECT/81.92.238.25 text/html
1239894649.479    402 192.168.1.159 TCP_MISS/200 57460 GET http://www.rtl.lu/home/ - DIRECT/81.92.238.25 text/html
1239894649.574     94 192.168.1.159 TCP_MISS/304 288 GET http://images.newmedia.lu/rtl2008.lu/styles/global.css? - DIRECT/81.92.238.23 text/css
1239894649.614     39 192.168.1.159 TCP_IMS_HIT/304 261 GET http://images.newmedia.lu/rtl2008.lu/styles/reset.css - NONE/- text/css
1239894649.616     19 192.168.1.159 TCP_IMS_HIT/304 260 GET http://images.newmedia.lu/rtl2008.lu/styles/layouts.css - NONE/- text/css
1239894649.621     32 192.168.1.159 TCP_MISS/304 290 GET http://images.newmedia.lu/rtl2008.lu/styles/content.css - DIRECT/81.92.238.23 text/css
1239894649.656     59 192.168.1.159 TCP_MISS/304 289 GET http://images.newmedia.lu/rtl2008.lu/styles/legacy.css - DIRECT/81.92.238.23 text/css
1239894649.696     39 192.168.1.159 TCP_MISS/304 288 GET http://images.newmedia.lu/rtl2008.lu/styles/print.css? - DIRECT/81.92.238.23 text/css
1239894649.723     26 192.168.1.159 TCP_IMS_HIT/304 261 GET http://images.newmedia.lu/rtl2008.lu/styles/reset.css - NONE/- text/css
1239894649.748     49 192.168.1.159 TCP_MISS/304 290 GET http://images.newmedia.lu/rtl2008.lu/styles/content.css - DIRECT/81.92.238.23 text/css
1239894649.750     44 192.168.1.159 TCP_MISS/304 289 GET http://images.newmedia.lu/rtl2008.lu/styles/legacy.css - DIRECT/81.92.238.23 text/css
1239894649.807     56 192.168.1.159 TCP_MISS/304 296 GET http://images.newmedia.lu/rtl2008.lu/js/prototype.js - DIRECT/81.92.238.23 text/javascript
1239894649.846     38 192.168.1.159 TCP_IMS_HIT/304 268 GET http://images.newmedia.lu/rtl2008.lu/js/scriptaculous/src/scriptaculous.js - NONE/- text/javascript
1239894649.901     54 192.168.1.159 TCP_MISS/304 296 GET http://images.newmedia.lu/rtl2008.lu/js/scriptaculous/src/builder.js - DIRECT/81.92.238.23 text/javascript
1239894649.916     52 192.168.1.159 TCP_MISS/304 296 GET http://images.newmedia.lu/rtl2008.lu/js/scriptaculous/src/effects.js - DIRECT/81.92.238.23 text/javascript
1239894649.926      9 192.168.1.159 TCP_IMS_HIT/304 267 GET http://images.newmedia.lu/rtl2008.lu/js/scriptaculous/src/sound.js - NONE/- text/javascript
1239894649.935     33 192.168.1.159 TCP_MISS/304 296 GET http://images.newmedia.lu/rtl2008.lu/js/scriptaculous/src/slider.js - DIRECT/81.92.238.23 text/javascript
1239894649.937     64 192.168.1.159 TCP_MISS/304 296 GET http://images.newmedia.lu/rtl2008.lu/js/scriptaculous/src/dragdrop.js - DIRECT/81.92.238.23 text/javascript
1239894649.939     66 192.168.1.159 TCP_MISS/304 295 GET http://images.newmedia.lu/rtl2008.lu/js/scriptaculous/src/controls.js - DIRECT/81.92.238.23 text/javascript
1239894649.999     59 192.168.1.159 TCP_MISS/304 297 GET http://images.newmedia.lu/rtl2008.lu/js/rtl.js? - DIRECT/81.92.238.23 text/javascript
1239894650.037     38 192.168.1.159 TCP_MISS/304 296 GET http://images.newmedia.lu/rtl2008.lu/js/swfobject.js - DIRECT/81.92.238.23 text/javascript
1239894650.050     12 192.168.1.159 TCP_IMS_HIT/304 289 GET http://www.rtl.lu/metriweb/mwTag.js - NONE/- application/javascript
1239894650.082     31 192.168.1.159 TCP_IMS_HIT/304 261 GET http://images.newmedia.lu/rtl2008.lu/global/bg.png - NONE/- image/png
1239894650.155    103 192.168.1.159 TCP_MISS/200 344 GET http://rtlu.metriweb.be/dyn/rtlu/mw.cgi? - DIRECT/212.35.126.184 image/gif

Log from block.log

2009-04-16 17:33:48 [14425] Request(Chef_de_service/blk_blacklists_ads/-) http://be.sitestat.com/rtllu/rtllu/s?home.index&ns__t=1239892326900&category=home 192.168.1.159/- - GET REDIRECT
2009-04-16 17:33:48 [14423] Request(Chef_de_service/blk_blacklists_ads/-) http://adserver.adtech.de/addyn|3.0|694|1431994|0|225|ADTECH;loc=100;target=_blank;key=key1+key2+key3+key4;grp=694823665;misc=1239892326900;rdclick= 192.168.1.159/- - GET REDIRECT

Thanks for help.

Kind regards

Ernie

dvserg

How many users you have ?

mhab12

http://forum.pfsense.org/index.php/topic,14673.0.html
http://forum.pfsense.org/index.php/topic,14912.0.html
http://forum.pfsense.org/index.php/topic,14657.0.html
and on and on and on….

ernie49

Sorry for late response,

For dvserg:

We have 35-40 users.

For mhab12:

We already do this

autoboot_delay="1"
vm.kmem_size="435544320"
vm.kmem_size_max="535544320"
kern.ipc.nmbclusters="32768"
kern.maxfiles="65536"
kern.maxfilesperproc="32768"
net.inet.ip.portrange.last="65535"

But nothing change.

I notice that page becomes slow or blocks if some links in the page a blocked from content filter and I obtains with this error

ERROR
The requested URL could not be retrieved
While trying to retrieve the URL: https://192.168.2.18:80/sgerror.php?
The following error was encountered:

Connection to 192.168.2.18 Failed
The system returned:

(60) Operation timed out

The remote host or network may be down. Please try the request again.

ernie49

Ok. I found my error.

I found in this forum that internal https redirection doesn't work for squidguard.

Thanks to all.

Kind regards

Ernie