[SHARE] Update Lusca Release - r14371 (November 18, 2009)

zass

Salam , mahu bertanya, bagaimana mahu aktifkan SNMP ,  sudah cuba baca di cacti forum , tapi tak berhasil

T/K
zass

grage95


download package pfSense Lusca Release - r14371 (November 18, 2009) with patch + snmp + arp

pkg_delete lusca*
or
pkg_delete squid*

and then install
pkg_add -rv http://squid-proxy-pkg.googlecode.com/files/lusca-pfsense-arp-snmp-r14371_2.tbz

enable snmp on squid.inc

acl snmp_host src 127.0.0.1
snmp_port 3401
acl snmppublic snmp_community public
snmp_access allow snmppublic snmp_host
snmp_access deny all

info :
build with

pf-bsd72# squid -v
Squid Cache: Version LUSCA_HEAD
configure options:  '--bindir=/usr/local/sbin' '--sbindir=/usr/local/sbin' '--datadir=/usr/local/etc/squid' '--libexecdir=/usr/local/libexec/squid' '--localstatedir=/usr/local/squid' '--sysconfdir=/usr/local/etc/squid' '--enable-removal-policies=heap' '--disable-linux-netfilter' '--disable-linux-tproxy' '--disable-epoll' '--with-pthreads' '--enable-storeio=aufs coss' '--enable-delay-pools' '--enable-snmp' '--disable-carp' '--disable-wccp' '--disable-ident-lookups' '--enable-arp-acl' '--enable-pf-transparent' '--with-large-files' '--enable-large-cache-files' '--enable-err-languages=English' '--enable-default-err-language=English' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=i386-portbld-freebsd7.2' 'build_alias=i386-portbld-freebsd7.2' 'CC=cc' 'CFLAGS=-O2 -pipe -funroll-loops -ffast-math  -fno-strict-aliasing' 'LDFLAGS=' 'CPPFLAGS='

patch with  : aggressive.patch, 2451x.patch,lusca-vary.patch,loop2.patch (fix bug looping for use store_url_rewrite)

tips install squidstats

pkg_add -rv squidstats

after finisih, lets go config

_mkdir -p /var/db/squidstats/graphs
mkdir -p /var/db/squidstats/rrd
chown www:wheel /var/db/squidstats/graphs
chown proxy:wheel /var/db/squidstats/rrd

ln -s /var/db/squidstats/graphs /usr/local/www/data/
ln -s /usr/local/www/cgi-bin/graph-summary.cgi /usr/local/www/graph-summary.cgi
su -m proxy -c "/usr/local/bin/squidstats.pl createdb"
su -m proxy -c "/usr/local/bin/squidstats.pl gather 2"_
edit /etc/crontab
add this line

*/5  *  *  *  *    /usr/local/bin/squidstats.pl gather 2 > /dev/null

restart crontab /etc/rc.d/cron restart

test open with your browser

http://your-ip/graph-summary.cgi

zass

Ertinya kalau saya buat sampai di sini saja :

"pkg_delete lusca*
or
pkg_delete squid*

and then install
pkg_add -rv http://squid-proxy-pkg.googlecode.com/files/lusca-pfsense-arp-snmp-r14371_2.tbz

enable snmp on squid.inc

acl snmp_host src 127.0.0.1
snmp_port 3401
acl snmppublic snmp_community public
snmp_access allow snmppublic snmp_host
snmp_access deny all  "

squid sudah support snmp > dan boleh di ambil datanya dari server lain ,

misalnya gunakan cacti ?

tq

grage95

jika menggunkan mrtg di cacti other box

acl snmp_host src your-ip-cacti
acl snmp_host src  127.0.0.1
snmp_port 3401
acl snmppublic snmp_community public
snmp_access allow snmppublic snmp_host
snmp_access deny all  "

dan di firewall open port 3401 protocol udp

di box cacti install net-snmp dan cacti-template-squidstats

edit /etc/snmpd.conf
tambahkan line ini :

#sec.name                source          community
com2sec local            localhost        public
com2sec mynetwork  1.2.3.0/24      public

check with snmpwalk

snmpwalk -v2c -c public your-ip-pfsense-squid-box:3401 .1.3.6.1.4.1.3495.1.1

zass

tq,tq.tq  ;D saya coba dulu !

zass

Grage5, mengapa saya punya tiada option snmp ?

$ squid -v
Squid Cache: Version LUSCA_HEAD
configure options:  '–bindir=/usr/local/sbin'
'--sbindir=/usr/local/sbin' '--datadir=/usr/local/etc/squid'
'--libexecdir=/usr/local/libexec/squid' '--localstatedir=/usr/local/squid'
'--sysconfdir=/usr/local/etc/squid' '--enable-removal-policies=lru heap'
'--disable-linux-netfilter' '--disable-linux-tproxy' '--disable-epoll'
'--with-pthreads' '--enable-storeio=aufs' '--enable-delay-pools'
'--disable-carp' '--disable-wccp' '--disable-ident-lookups'
'--enable-pf-transparent' '--with-large-files' '--enable-large-cache-files'
'--enable-err-languages=English' '--enable-default-err-language=English'
'--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/'
'--build=i386-portbld-freebsd7.2' 'build_alias=i386-portbld-freebsd7.2'
'CC=cc' 'CFLAGS=-O2 -pipe -funroll-loops -ffast-math  -fno-strict-aliasing'
'LDFLAGS=' 'CPPFLAGS='

tq

grage95

sudah mengupdate package dnegan http://squid-proxy-pkg.googlecode.com/files/lusca-pfsense-arp-snmp-r14371_2.tbz
dan sudah di rehash ?

dedieko

Bos Grage, ada sedikit masalah:

su -m proxy -c "/usr/local/bin/squidstats.pl createdb"

Can't locate RRDs.pm in @INC (@INC contains: /usr/local/lib/perl5/5.8.8/BSDPAN /usr/local/lib/perl5/site_perl/5.8.8/mach /usr/local/lib/perl5/site_perl/5.8.8 /usr/local/lib/perl5/site_perl /usr/local/lib/perl5/5.8.8/mach /usr/local/lib/perl5/5.8.8 .) at /usr/local/bin/squidstats.pl line 4.
BEGIN failed–compilation aborted at /usr/local/bin/squidstats.pl line 4.

grage95

kok perl nya versinya beda ya,
perl5/5.8.8

kalau di saya

perl5/5.8.9
pfsense vesi 1.3.xx

perlu di upgrade perlnya mungkin,

jika menggunakan pfsense 1.3

setenv PACKAGESITE "ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/Latest/"

pkg-delete -f perl-5*
pkg_add -rv perl

dedieko

@grage95:

kok perl nya versinya beda ya,
perl5/5.8.8

kalau di saya

perl5/5.8.9
pfsense vesi 1.3.xx

perlu di upgrade perlnya mungkin,

jika menggunakan pfsense 1.3

setenv PACKAGESITE "ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/Latest/"

pkg-delete -f perl-5*
pkg_add -rv perl

Saya pakai Pfsense 1.2.3 bos, upgraded from 1.2

zass

Akhir , berhasil tkasih grage5  ;D

111ichael

@grage95:

kok perl nya versinya beda ya,
perl5/5.8.8

kalau di saya

perl5/5.8.9
pfsense vesi 1.3.xx

perlu di upgrade perlnya mungkin,

jika menggunakan pfsense 1.3

setenv PACKAGESITE "ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/Latest/"

pkg-delete -f perl-5*
pkg_add -rv perl

tolong dong di bantuin saya pkg_add -rv perl hasilx nongol seperti ini….

# pkg_add -rv perl
pkg_add: can't stat package file 'perl'
pkg_add: 1 package addition(s) failed

perl saya sudah tdak ada… gimana????  :-[

dedieko

Hi everybody,

LUSCA sudah running selama 2/3 hari di pfsense 1.2.3

Pagi ini saya memperhatikan ada yang line seperti ini:

2009/12/13 07:25:22| Ready to serve requests.
2009/12/13 07:25:23| Store rebuilding is 100.0% complete
2009/12/13 07:25:23|   /var/squid/cache: completed rebuild
2009/12/13 07:25:23| Done scanning /var/squid/cache (27283 entries)
2009/12/13 07:25:23| Finished rebuilding storage from disk.
2009/12/13 07:25:23|     27283 Entries scanned
2009/12/13 07:25:23|         0 Invalid entries.
2009/12/13 07:25:23|         0 With invalid flags.
2009/12/13 07:25:23|     24072 Objects loaded.
2009/12/13 07:25:23|         0 Objects expired.
2009/12/13 07:25:23|      1338 Objects cancelled.
2009/12/13 07:25:23|       221 Duplicate URLs purged.
2009/12/13 07:25:23|      1426 Swapfile clashes avoided.
2009/12/13 07:25:23|   Took 1.0 seconds (24494.6 objects/sec).
2009/12/13 07:25:23| Beginning Validation Procedure
2009/12/13 07:25:23|   Completed Validation Procedure
2009/12/13 07:25:23|   Validated 22734 Entries
2009/12/13 07:25:23|   store_swap_size = 363114k
2009/12/13 07:25:24| storeLateRelease: released 0 objects
2009/12/13 07:41:38| squidaio_queue_request: WARNING - Queue congestion
2009/12/13 07:53:28| squidaio_queue_request: WARNING - Queue congestion

Hasil penelusuran di google menunjukkan kalo "Queue Congestion" terjadi jika CPU overload atau disk saya I/O-nya sudah mentok

Berikut Data System

# dmesg | grep CPU

CPU: Intel(R) Celeron(R) CPU 2.00GHz (1999.95-MHz 686-class CPU)
cpu0: <acpi cpu="">on acpi0
p4tcc0: <cpu frequency="" thermal="" control="">on cpu0

atacontrol list

ATA channel 0:
   Master:  ad0 <st340014a 8.01="">ATA/ATAPI revision 6
   Slave:       no device present
ATA channel 1:
   Master:      no device present
   Slave:       no device present

dmesg | grep memory

real memory  = 1065287680 (1015 MB)
avail memory = 1028685824 (981 MB)
agp0: detected 8060k stolen memory

swapinfo -k

Device          1K-blocks     Used    Avail Capacity
/dev/ad0s1b       2097152        0  2097152     0%

#top
last pid:  6357;  load averages:  0.12,  0.11,  0.09                                                                                 up 0+00:42:45  08:06:17
111 processes: 2 running, 92 sleeping, 17 waiting
CPU:  0.0% user,  0.0% nice,  100% system,  0.0% interrupt,  0.0% idle
Mem: 70M Active, 32M Inact, 54M Wired, 632K Cache, 52M Buf, 829M Free
Swap: 2048M Total, 2048M Free
…</st340014a></cpu></acpi>

Mohon pencerahannya
Terima kasih, Matur nuwun, thank you

grage95

kalau menggunakan lusca
perbesar  n_aiops_threads jadi 32

grage95

@111ichael:

# pkg_add -rv perl
pkg_add: can't stat package file 'perl'
pkg_add: 1 package addition(s) failed

perl saya sudah tdak ada… gimana????  :-[

[/quote]

cek dengan pkg_info |grep perl
jika sudah tidak ada install ulang, tapi harus sesuaikan dengan versi kernel pfsensenya
jika masih ada silangkan di uninstall
pkg_delete -f perl*

coba di uname -a

kalau menggunakan
FreeBSD 7.2-Release : pkg_add -rv http://125.160.17.22/freebsd/ports/i386/packages-7.2-release/lang/perl-5.8.9_2.tbz
FreeBSD 7-STABLE : pkg_add -rv http://125.160.17.22/freebsd/ports/i386/packages-7-stable/lang/perl-5.8.9_3.tbz

dan jangan lupa di rehash

111ichael

@grage95:

@111ichael:

cek dengan pkg_info |grep perl
jika sudah tidak ada install ulang, tapi harus sesuaikan dengan versi kernel pfsensenya
jika masih ada silangkan di uninstall
pkg_delete -f perl*

coba di uname -a

kalau menggunakan
FreeBSD 7.2-Release : pkg_add -rv http://125.160.17.22/freebsd/ports/i386/packages-7.2-release/lang/perl-5.8.9_2.tbz
FreeBSD 7-STABLE : pkg_add -rv http://125.160.17.22/freebsd/ports/i386/packages-7-stable/lang/perl-5.8.9_3.tbz

dan jangan lupa di rehash

Makasih atas pencerahannya…..  om Grage ;D

ipoelnet

Kalau keluar gini pada cache.log

2009/12/15 17:57:10| Beginning Validation Procedure
2009/12/15 17:57:10|    262144 Entries Validated so far.
2009/12/15 17:57:10|    524288 Entries Validated so far.
2009/12/15 17:57:10|  Completed Validation Procedure
2009/12/15 17:57:10|  Validated 559523 Entries
2009/12/15 17:57:10|  store_swap_size = 6777879k
2009/12/15 17:57:10| storeLateRelease: released 0 objects

apa penyebabnya, dan apa berpengaruh Om2?

tomplee

om grage saya pake pfsense 1.2.2 lusca pake yang versi ini http://shakau.googlepages.com/vanila-arp-lusca-1.4_2.tbz
yang lusca vanila versi ini kok gak mau di gabung ma adzap versi ini  adzap-20090301.tbz dia pake perl 5.8.9_3 kalau perl-nya yang tak pake yang ini sesuai permintaan adzap luscanya gak mau jalan. solusinya kira bgm ya..

grage95

coba cek dulu perlnya ang sudah terinstall

pkg_info perl*

jika masih menggunakan perl 5.8.8, update perlnya ke versi 5.8.9

coba lusca paket baru lebih responsip hasil patch utak atik gathuk :) , lumayan responsif dan stabil,
cuman cache swap nya harus di delete dulu baru di squid -z,

http://squid-proxy-pkg.googlecode.com/files/pfsense-lusca-head-r14371_3.tbz (menggunakan perl-5.8.9_3.tbz) dan bisa jalan dengan perl-5.8.9_2.tbz

atau update versi pfsensenya,
versi 1.2.3 release lebih maknyuss paralel threadnya utk proxy daripada versi 1.2.2 release dan banyak lagi perbaikannya

tomplee

@grage95:

coba cek dulu perlnya ang sudah terinstall

pkg_info perl*

jika masih menggunakan perl 5.8.8, update perlnya ke versi 5.8.9

coba lusca paket baru lebih responsip hasil patch utak atik gathuk :) , lumayan responsif dan stabil,
cuman cache swap nya harus di delete dulu baru di squid -z,

http://squid-proxy-pkg.googlecode.com/files/pfsense-lusca-head-r14371_3.tbz (menggunakan perl-5.8.9_3.tbz) dan bisa jalan dengan perl-5.8.9_2.tbz

atau update versi pfsensenya,
versi 1.2.3 release lebih maknyuss paralel threadnya utk proxy daripada versi 1.2.2 release dan banyak lagi perbaikannya

Oke tak cobanya update lusca yang baru..