SQuid - TCP_MISS/503
-
Boa tarde
Trabalho com o squid a bastante tempo e estou tendo problemas apos ter uma atualização no servidor de e-mail Zimbra que nos fornece serviço.
Apresenta erro ERR_TUNNEL_CONNECTION_FAILED e no Log apresenta TCP_MISS/503.Caso alguém consiga me ajudar serei muito grato.
Desde ja agradeço
André Pereira -
https://forum.pfsense.org/index.php?topic=103546.0
-
Boa tarde andr3.ribeiro
Cheguei a verificar as configurações do squid, porem onde ja esta configurado fica no /usr/local/pkg/squid.inc;
Todas as configs estão batendo.
E o mais estranho é que quando eu limpo o cache do navegador ele funciona por alguns instantes e depois para novamente.Teria mais alguma dica?
Grato.
-
já colocou seu squid para não fazer cache no seu squid?
-
TCP_MISS/503 significa que foi buscado o endereço no cache.
Manda um print aí das suas confs de cache! -
já colocou seu squid para não fazer cache no seu squid?
adicione seu dominio ou o endereço do seu webmail para não fazer cache.
-
Bom dia
Segue meu squid.conf# This file is automatically generated by pfSense # Do not edit manually ! http_port 172.16.0.30:3128 icp_port 0 dns_v4_first on pid_filename /var/run/squid/squid.pid cache_effective_user proxy cache_effective_group proxy error_default_language pt-br icon_directory /usr/pbi/squid-i386/local/etc/squid/icons visible_hostname ProxyOba cache_mgr tidf@redeoba.com.br access_log /var/squid/logs/access.log cache_log /var/squid/logs/cache.log cache_store_log none netdb_filename /var/squid/logs/netdb.state pinger_enable on pinger_program /usr/pbi/squid-i386/local/libexec/squid/pinger logfile_rotate 10 debug_options rotate=10 shutdown_lifetime 3 seconds # Allow local network(s) on interface(s) acl localnet src 172.16.0.0/24 forwarded_for on uri_whitespace strip acl dynamic urlpath_regex cgi-bin \? cache deny dynamic # Windows Update refresh_pattern range_offset_limit -1 refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims # Symantec refresh_pattern range_offset_limit -1 refresh_pattern liveupdate.symantecliveupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims refresh_pattern symantecliveupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims # Avast refresh_pattern range_offset_limit -1 refresh_pattern avast.com/.*\.(vpu|cab|stamp|exe) 10080 100% 43200 reload-into-ims # Avira refresh_pattern range_offset_limit -1 refresh_pattern personal.avira-update.com/.*\.(cab|exe|dll|msi|gz) 10080 100% 43200 reload-into-ims cache_mem 128 MB maximum_object_size_in_memory 32 KB memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA cache_dir ufs /var/squid/cache 6000 128 256 minimum_object_size 0 KB maximum_object_size 40000 KB offline_mode off cache_swap_low 70 cache_swap_high 95 cache allow all # Add any of your own refresh_pattern entries above these. refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 # No redirector configured #Remote proxies # Setup some default acls # From 3.2 further configuration cleanups have been done to make things easier and safer. The manager, localhost, and to_localhost ACL definitions are now built-in. # acl localhost src 127.0.0.1/32 acl allsrc src all acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 6099 3128 3127 1025-65535 acl sslports port 443 563 6099 # From 3.2 further configuration cleanups have been done to make things easier and safer. The manager, localhost, and to_localhost ACL definitions are now built-in. #acl manager proto cache_object acl purge method PURGE acl connect method CONNECT # Define protocols used for redirects acl HTTP proto HTTP acl HTTPS proto HTTPS acl allowed_subnets src 192.168.100.0/24 192.168.35.0/24 192.168.160.0/24 192.168.7.0/24 192.168.51.0/24 192.168.50.0/24 192.168.53.0/24 192.168.10.0/24 192.168.5.0/24 192.168.11.0/24 192.168.9.0/24 acl whitelist dstdom_regex -i "/var/squid/acl/whitelist.acl" acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl" http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !safeports http_access deny CONNECT !sslports # Always allow localhost connections # From 3.2 further configuration cleanups have been done to make things easier and safer. # The manager, localhost, and to_localhost ACL definitions are now built-in. # http_access allow localhost quick_abort_min 0 KB quick_abort_max 0 KB request_body_max_size 128 KB reply_body_max_size 40000 KB allsrc delay_pools 1 delay_class 1 2 delay_parameters 1 -1/-1 -1/-1 delay_initial_bucket_level 100 delay_access 1 allow allsrc # Reverse Proxy settings # Package Integration url_rewrite_program /usr/pbi/squidguard-i386/bin/squidGuard -c /usr/pbi/squidguard-i386/etc/squidGuard/squidGuard.conf url_rewrite_bypass off url_rewrite_children 16 startup=8 idle=4 concurrency=0 # Custom options before auth # Always allow access to whitelist domains http_access allow whitelist # Block access to blacklist domains http_access deny blacklist acl sglog url_regex -i sgr=ACCESSDENIED http_access deny sglog # Setup allowed acls # Allow local network(s) on interface(s) http_access allow allowed_subnets http_access allow localnet # Default block all to be sure http_access deny allsrc
-
Agradeço a ajuda dos srs jvicente e andr3.ribeiro.
Identificamos o problema e estava no servidor e e-mail onde estava com dos endereços IP.
Agradeço o esforço dos srs.
André Pereira