Re-posting to get some HELP :/
-
Hi, i need some clue on why Squid complains about dnsserver processes busy and asks to rise them, i already have dns_children setting at (32), which i believe its the maximum value for that parameter. No sense on Warnings over the cache.log to rise them up isn't?
I guess there is about 400 simultaneous clients (or so), and my state table is around 30000 usually (setted to 50000).
Hello all, i've used pfsense for some time now (mainly for proxy filtering), is installed over HDD, and i've configured squid to do logrotation every twelve hours (on crontab). Is working fine until now, but i don't know how to rotate squidguard's logs. Block.log is getting bigger (about 4 Gb no i guess) and i wish to rotate it. Any help?
Thks in advance.
-
You neglected to post:
- The version of pfSense
- The version of Squid
- The configuration of Squid
- The exact error message (copy and paste)
-
@Cry:
You neglected to post:
- The version of pfSense
- The version of Squid
- The configuration of Squid
- The exact error message (copy and paste)
My mistake. What about log rotation on squidGuard Block.log?
The info asked :)
pfSense version: 1.2.2
Squid package version: 2.6.21_10
squidGuard package version: 1.3-2Error from log:
2009/08/31 17:57:07| WARNING: All dnsserver processes are busy.
2009/08/31 17:57:07| WARNING: up to 59 pending requests queuedSquid.conf
# Do not edit manually ! http_port 192.168.100.1:3128 http_port 127.0.0.1:80 transparent icp_port 0 pid_filename /var/run/squid.pid cache_effective_user proxy cache_effective_group proxy error_directory /usr/local/etc/squid/errors/Spanish icon_directory /usr/local/etc/squid/icons visible_hostname localhost cache_mgr admin@localhost access_log /var/squid/log/access.log cache_log /var/squid/log/cache.log cache_store_log none logfile_rotate 10 shutdown_lifetime 3 seconds # Allow local network(s) on interface(s) acl localnet src 192.168.100.0/255.255.255.0 via off uri_whitespace strip cache_dir aufs /var/squid/cache 100 16 256 cache_mem 8 MB maximum_object_size 4 KB minimum_object_size 0 KB cache_replacement_policy heap LFUDA memory_replacement_policy heap GDSF offline_mode off dns_children 32 cache_swap_low 90 cache_swap_high 95 # No redirector configured # Setup some default acls acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535 acl sslports port 443 563 81 acl manager proto cache_object acl purge method PURGE acl connect method CONNECT acl dynamic urlpath_regex cgi-bin \? cache deny dynamic http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !safeports http_access deny CONNECT !sslports # Always allow localhost connections http_access allow localhost request_body_max_size 0 KB reply_body_max_size 0 allow all delay_pools 1 delay_class 1 2 delay_parameters 1 -1/-1 -1/-1 delay_initial_bucket_level 100 delay_access 1 allow all # Allow local network(s) on interface(s) http_access allow localnet # Custom options client_lifetime 60 minutes redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf redirector_bypass on redirect_children 160 # Default block all to be sure http_access deny all -
Are you running a caching DNS server on the pfSense host? If not I'd recommend one since it looks like your problem relates to the speed of response from your DNS server.
-
@Cry:
Are you running a caching DNS server on the pfSense host? If not I'd recommend one since it looks like your problem relates to the speed of response from your DNS server.
No i'm not, do you mean with tiny dns? or with some parameter on dns-forwarder in pfsense or so? any link that i can look at?
Btw, no clue about squidguard's log rotation?Thks for answering me :)
-
What about it - you didn't ask a question.
-
Hello all, i've used pfsense for some time now (mainly for proxy filtering), is installed over HDD, and i've configured squid to do logrotation every twelve hours (on crontab). Is working fine until now, but i don't know how to rotate squidguard's logs. Block.log is getting bigger (about 4 Gb no i guess) and i wish to rotate it. Any help?
It was hidden in the first post ;)
-
No idea about log rotation in SquidGuard.
As for DNS, probably TinyDNS is an option but I've never used it so can't say.
-
All right, thks again :)
