Squid
-
saya sdh coba jalankan squid -z, hasilx : 2009/09/14 08:21:27| WARNING cache_mem is larger than total disk cache space!
2009/09/14 08:21:27| Creating Swap Directories -
saya sdh coba jalankan squid -z, hasilx : 2009/09/14 08:21:27| WARNING cache_mem is larger than total disk cache space!
2009/09/14 08:21:27| Creating Swap Directories
berhenti sampai disini…................( gak lanjut)tetap klo proxy dijalankan, gak bisa konek,
lognya :Sep 14 08:27:27 squid[6101]: Squid Parent: child process 6321 exited due to signal 6
Sep 14 08:27:49 php: /pkg_edit.php: Starting Squid
Sep 14 08:27:49 squid[6495]: Squid Parent: child process 6497 started
Sep 14 08:27:49 php: /pkg_edit.php: Reloading Squid for configuration sync
Sep 14 08:27:49 squid[6497]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Sep 14 08:27:49 kernel: pid 6497 (squid), uid 62: exited on signal 6
Sep 14 08:27:49 squid[6495]: Squid Parent: child process 6497 exited due to signal 6
Sep 14 08:27:50 check_reload_status: reloading filter
Sep 14 08:27:52 squid[6495]: Squid Parent: child process 6702 started
Sep 14 08:27:53 squid[6702]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Sep 14 08:27:53 kernel: pid 6702 (squid), uid 62: exited on signal 6
Sep 14 08:27:53 squid[6495]: Squid Parent: child process 6702 exited due to signal 6
Sep 14 08:27:56 squid[6495]: Squid Parent: child process 6741 started
Sep 14 08:27:56 squid[6741]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Sep 14 08:27:56 kernel: pid 6741 (squid), uid 62: exited on signal 6
Sep 14 08:27:56 squid[6495]: Squid Parent: child process 6741 exited due to signal 6
Sep 14 08:27:59 squid[6495]: Squid Parent: child process 6840 started
Sep 14 08:28:00 squid[6840]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Sep 14 08:28:00 kernel: pid 6840 (squid), uid 62: exited on signal 6
Sep 14 08:28:00 squid[6495]: Squid Parent: child process 6840 exited due to signal 6
Sep 14 08:28:03 squid[6495]: Squid Parent: child process 6885 started
Sep 14 08:28:04 squid[6885]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Sep 14 08:28:04 kernel: pid 6885 (squid), uid 62: exited on signal 6
Sep 14 08:28:04 squid[6495]: Squid Parent: child process 6885 exited due to signal 6
Sep 14 08:28:04 squid[6495]: Exiting due to repeated, frequent failures
Sep 14 08:28:19 Squid_Alarm[6981]: Squid has exited. Reconfiguring filter.
Sep 14 08:28:19 Squid_Alarm[6983]: Attempting restart…
Sep 14 08:28:19 squid[6990]: Squid Parent: child process 6993 started
Sep 14 08:28:20 squid[6993]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Sep 14 08:28:20 kernel: pid 6993 (squid), uid 62: exited on signal 6
Sep 14 08:28:20 squid[6990]: Squid Parent: child process 6993 exited due to signal 6
Sep 14 08:28:22 Squid_Alarm[7029]: Reconfiguring filter…
Sep 14 08:28:23 squid[6990]: Squid Parent: child process 7034 started
Sep 14 08:28:24 squid[7034]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Sep 14 08:28:24 kernel: pid 7034 (squid), uid 62: exited on signal 6
Sep 14 08:28:24 squid[6990]: Squid Parent: child process 7034 exited due to signal 6
Sep 14 08:28:24 Squid_Alarm[7139]: Squid has resumed. Reconfiguring filter.
Sep 14 08:28:27 squid[6990]: Squid Parent: child process 7210 started
Sep 14 08:28:27 squid[7210]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Sep 14 08:28:27 kernel: pid 7210 (squid), uid 62: exited on signal 6
Sep 14 08:28:27 squid[6990]: Squid Parent: child process 7210 exited due to signal 6
Sep 14 08:28:30 squid[6990]: Squid Parent: child process 7245 started
Sep 14 08:28:31 squid[7245]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Sep 14 08:28:31 kernel: pid 7245 (squid), uid 62: exited on signal 6
Sep 14 08:28:31 squid[6990]: Squid Parent: child process 7245 exited due to signal 6
Sep 14 08:28:34 squid[6990]: Squid Parent: child process 7281 started
Sep 14 08:28:34 squid[7281]: Failed to verify one of the swap directories, Check cache.log for details. Run 'squid -z' to create swap directories if needed, or if running Squid for the first time.
Sep 14 08:28:34 kernel: pid 7281 (squid), uid 62: exited on signal 6
Sep 14 08:28:34 squid[6990]: Squid Parent: child process 7281 exited due to signal 6
Sep 14 08:28:34 squid[6990]: Exiting due to repeated, frequent failures -
WARNING cache_mem is larger ,
Bro ini sudah jelas ada msalah dengan Cache anda kemungkinan cache anda besar, coba di perkecilSalam
kambeeng -
coba cek yah,
biasanya di proxy gui nya, ada command2 yang salah di bagian option command, coba diilangkan dulu… kemudian restart pfsense nya... -
bukan cachenya besar om kambeeng, tapi kebesaran… masa' cache_mem lebih besar dari cache_dir nya nya???
-
yups intinya gitu :D
-
tadinya saya juga berfikir seperti itu om, tapi apa iya ini kebesaran ?
( konfigurasi cache manajement ) =Hard disk cache size = 10
memoricache = 8
minimum object = 0
maksimum object = 1000
Level 1 subdirectories = 128
Low-water-mark in 90 %
High-water-mark in 95 %oh iya , ram nativenya = 512
hardisk = 8 gbthax
-
tolong, om2 sekalian
konfigurasi proxy yg benar mulai dari general setting sampai local usernya serta cache managemen yg ideal u/ resource seperti diatas ?thax
-
knapa ya mas habis restart
squid.conf saya balik ke default lagi
padahal dah di tunning bagus2 T.T -
knapa ya mas habis restart
squid.conf saya balik ke default lagi
padahal dah di tunning bagus2 T.Tsudah banyak dibahas di forum.,, :D
masukkan aja config anda di squid.inc -
knapa ya mas habis restart
squid.conf saya balik ke default lagi
padahal dah di tunning bagus2 T.Tsudah banyak dibahas di forum.,, :D
masukkan aja config anda di squid.incbisa di perjelas mas ?
cara masukin gmn ?
maaf, masih newbie ;D
saya pake pfSense-1.2.3-RC3o iya mas mau nanya lagi
waktu client warnet saya make proxies.telkom.net.id:8080
proxy nya ke bypass, ngga redirect ke port 3128
padahal port nya udah saya forward 8080 ke 3128
jadi website yang saya block bisa di buka sama client.
gmn solusi nya mas ? -
ini lagi ngaco banget !!!
emang bisa proxy di forward ke proxy lagi ????yang bisa itu, proxymu di parent ke proxy telkom, jangan bermain forwarding di pf, jaka sembung baca bobo, gak nyambung bo…:)
tambahin di squid .inc
cache_peer proxies.telkom.net.id parent 8080 3130 no-query connect-timeout=10 no-digest no-netdb-exchange default
cache_peer 202.134.0.135 sibling 8080 3130 round-robin no-query connect-timeout=10 no-digest no-netdb-exchangedari nubie
-
ini lagi ngaco banget !!!
emang bisa proxy di forward ke proxy lagi ????yang bisa itu, proxymu di parent ke proxy telkom, jangan bermain forwarding di pf, jaka sembung baca bobo, gak nyambung bo…:)
tambahin di squid .inc
cache_peer proxies.telkom.net.id parent 8080 3130 no-query connect-timeout=10 no-digest no-netdb-exchange default
cache_peer 202.134.0.135 sibling 8080 3130 round-robin no-query connect-timeout=10 no-digest no-netdb-exchangedari nubie
bisa mas
bikin di Firewall NAT
di interface : WAN
external address nya : any
protocol : TCP
External port range : 8080
NAT IP : 192.168.0.x
Local port : 3128ntar kalo user warnet pake proxy free high anynomous proxy 8080
lansung ke forward ke proxy pfsense saya.
jadi ngga ke bypass squid nya -
ini lagi ngaco banget !!!
emang bisa proxy di forward ke proxy lagi ????yang bisa itu, proxymu di parent ke proxy telkom, jangan bermain forwarding di pf, jaka sembung baca bobo, gak nyambung bo…:)
tambahin di squid .inc
cache_peer proxies.telkom.net.id parent 8080 3130 no-query connect-timeout=10 no-digest no-netdb-exchange default
cache_peer 202.134.0.135 sibling 8080 3130 round-robin no-query connect-timeout=10 no-digest no-netdb-exchangedari nubie
bisa mas
bikin di Firewall NAT
di interface : WAN
external address nya : any
protocol : TCP
External port range : 8080
NAT IP : 192.168.0.x
Local port : 3128ntar kalo user warnet pake proxy free high anynomous proxy 8080
lansung ke forward ke proxy pfsense saya.
jadi ngga ke bypass squid nyasyntax yang kamu buat salah,
bukan di interface WAN, tapi di LAN,kalau tujuannya memfoward request destination port 8080 dari client (LAN) di forward ke port proxy kamu
itu artinya, bukan proxy di forward ke proxy lagi, tapi memfilter setiap destinatoin port 8080 di forward ke port proxymu,
di proxy servers freebsd yang pernah saya install (bukan pfsense) dengan user > 2000 client, sy paksa semua client ke proxy, jadi port2 proxy yang bertebaran di free proxy dr mulai port 80,3128,8000,8181,8080 dst saya paksa ke port 3128,
trus yang parah lagi punyamu, kenapa port 443/https di forward juga ke proxy?
ini sungguh lucu bagi seorang administrator jaringan,
developer squid sendiri sangat menghindari https utk di cache.kamu ngerti enggak definisi https ?
dan ngerti enggak definisi proxy ? -
ini lagi ngaco banget !!!
emang bisa proxy di forward ke proxy lagi ????yang bisa itu, proxymu di parent ke proxy telkom, jangan bermain forwarding di pf, jaka sembung baca bobo, gak nyambung bo…:)
tambahin di squid .inc
cache_peer proxies.telkom.net.id parent 8080 3130 no-query connect-timeout=10 no-digest no-netdb-exchange default
cache_peer 202.134.0.135 sibling 8080 3130 round-robin no-query connect-timeout=10 no-digest no-netdb-exchangedari nubie
bisa mas
bikin di Firewall NAT
di interface : WAN
external address nya : any
protocol : TCP
External port range : 8080
NAT IP : 192.168.0.x
Local port : 3128ntar kalo user warnet pake proxy free high anynomous proxy 8080
lansung ke forward ke proxy pfsense saya.
jadi ngga ke bypass squid nyasyntax yang kamu buat salah,
bukan di interface WAN, tapi di LAN,kalau tujuannya memfoward request destination port 8080 dari client (LAN) di forward ke port proxy kamu
itu artinya, bukan proxy di forward ke proxy lagi, tapi memfilter setiap destinatoin port 8080 di forward ke port proxymu,
di proxy servers freebsd yang pernah saya install (bukan pfsense) dengan user > 2000 client, sy paksa semua client ke proxy, jadi port2 proxy yang bertebaran di free proxy dr mulai port 80,3128,8000,8181,8080 dst saya paksa ke port 3128,
trus yang parah lagi punyamu, kenapa port 443/https di forward juga ke proxy?
ini sungguh lucu bagi seorang administrator jaringan,
developer squid sendiri sangat menghindari https utk di cache.kamu ngerti enggak definisi https ?
dan ngerti enggak definisi proxy ?mas… mas... jgn dimarahin dong...
saya kan newbie bukan network administrator di perusahan besar kayak airputih nya mas
saya install di warnet saya aja..
saya baru semester 1 di TI univ putra indonesia
jadi santai aja mas.saya baca tutorial di
http://agngwb.blogspot.com/2008/08/setting-multi-speedy-dgn-pf-sense.htmljadi kalo soal https yang di cache tanya sama mas agung yg bikin blog itu
saya cuman ngikutin artikel nya diakalo bikin di interface LAN ngga jalan
thanks bgt si mas mau bantu tapi cara nulis posting nya saya ngga suka
disini saya belajar mas.. tanya jawab,.. bukan tes ilmu.. -
saya juga gak suka postinganmu disini :
http://forum.pfsense.org/index.php?topic=19905.msg102584#msg102584
jadi saya mohon maaf ya …
mengenai port 443 di paksa ke port squid, itu berbahaya, bagi yang iseng, user & pass utk login (email, forum) bisa disniff, di squid sudah ada metode menbypassnya, dengan acl CONNECT method CONNECT
bahkan chat (YM, MSN, dll) bisa di paksa ke proxy,
ini sangat tidak etis bagi kenyamanan client, kecuali kita mau mengobok2 privacy client.
soalnya saya pernah punya kasus dengan hal ini, di suruh ngelog chat, dan log chatnya di kasih ke seseorang, eh yang di salahin saya sama pacarnya, shit !!!!! -
@chiboik, benarkan link anda yang dirujuk om grage95 jika tidak ingin disalahkan orang lain.
-
maap,
ane bingung ma bro chiboik,
napa kudu ngforward port2 443 8080 ke proxy juga?
kalo ente maenan transparent, kudunya ini ga perlu…. malahan jadinya ngribetin. apalagi cumin kapasitas warnet, rasanya jadi aneh bro....ato, karena 443 memang di proxykan untuk kek webmail gmail, yahoo etc di login page nya??? ntaran nya malah aneh loh brow, suka masalah di cookie expired nya... CMIIW
-
Nuwun sewu Kanda-kanda, Q punya masalah dengan Cache_peer untuk akses ICP ke Pfsense,
Saya punya 2 server Pakai Pfsense 1.2.3 RC3, squid-2.6.21 semua.terus Aku pingin server pfsense itu Q jadikan sibling dari server satunya :
Pfsense Utama 2 NIC :
- WAN interface (rl0) : 192.168.0.2- ke speedy1
- LAN interface (re0) : 192.168.1.1 - client(HUB)
Squid.conf :
http_port 192.168.1.1:3128
http_port 127.0.0.1:80 transparent
icp_port 3130acl hotspot src 192.168.1.200
icp_access allow hotspot
miss_access allow hotspot==========================
Pfsense kedua 3 NIC :- WAN interface (rl0) : 192.168.3.2 - ke speedy2
- LAN interface (re0) : 192.168.4.1 - client
- lansibling interface (fxp0) : 192.168.1.200 - untuk sibling ke server utama ( LAN interface (re0) : 192.168.1.1 - client(HUB))
Squid.conf :
http_port 192.168.4.1:3128
http_port 127.0.0.1:80 transparent
icp_port 3130cache peer
cache_peer 192.168.1.1 sibling 3128 3130 no-digest no-netdb-exchange
======
Tapi kok tidak bisa ada DEAD SIBLING 192.168.1.1 ??? ??? ??? -
confignya sih bener,
coba di trace satu2
1. test services icp jalan enggak, dengan telnet ke port 3130 atau cek portnya udah listen belum netstat -a -n | egrep 'Proto|LISTEN'
2. cek firewall apakah ngeblok port icp (nmap localhost)
3. cek rules dengan command pfctl -sr | grep 3130
4. cek dari pfsense parents peer squidclient -p 3128 cache_object://localhost/config | grep -i icp
5. cek dari pfsense client peer: squidclient -p 3128 cache_object://localhost/server_list