Couple of questions about squid3-dev
-
hi, guys i have a couple of question requarding squid3-dev 3.3.10 pkg 2.2.6 2.1.4-RELEASE (i386)built on Fri Jun 20 12:59:29 EDT 2014
FreeBSD 8.3-RELEASE-p16. i followed this https://forum.pfsense.org/index.php/topic,47856.0.htmli have finally got it to cache the sites and im looking at the log and i see a lot of TCP_MISS squid_monitor_data.php i was wondering if there was a way to block squid from trying to cache it.
second question is all of the ip addresses are the same is there anyway to change this its not a big deal just curious next youtube videos and other .mp4 vids are not being cached i have the dynamic caching checked is there any other settings i need to add for it to cache videos
lastly download speeds are extremely slow 20kb/s when i have a 120mb line with a fresh pfsense setup i get the full bandwidth.
i attached a screenshot so you guys can see what im talking about.
any help would be greatly appreciated.
-
i did some searching and was wondering if this would work
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i .(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i .(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i .(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i .index.(html|htm)$ 0 40% 10080
refresh_pattern -i .(html|htm|css|js)$ 1440 40% 40320
refresh_pattern . 0 40% 40320 -
anyone?
-
Where is "squid_monitor_log.php" file served from?
Because if squid is configured with "Bypass proxy for Private Address destination" turned on, it should not be trying to cache when it is served from a private address space (10.x.x.x; 172.x.x.x.; 192.168.x.x ).
But it seems it is served via 215.x.x.x, and that is not private address space.You could try and use a proxy script in the browsers. (proxy.pac or wpad.dat)
function FindProxyForURL(url, host) { url = url.toLowerCase(); host = host.toLowerCase(); isHttp = (url.substring(0,5) == "http:"); isHttps = (url.substring(0,6) == "https:") // If the requested website is hosted within the internal network, send direct. if (isPlainHostName(host) || shExpMatch(host, "*.home") || shExpMatch(host, "*.local") || isInNet(dnsResolve(host), "10.0.0.0", "255.0.0.0") || isInNet(dnsResolve(host), "172.16.0.0", "255.240.0.0") || isInNet(dnsResolve(host), "192.168.0.0", "255.255.0.0") || isInNet(dnsResolve(host), "169.254.0.0", "255.255.0.0") || isInNet(dnsResolve(host), "127.0.0.0", "255.255.255.0")) { return "DIRECT"; } // Forward non-http(s) and some hosts to forward proxy (or DIRECT) if((!isHttp && !isHttps) // Skip all non http(s) || dnsDomainIs(host, "microsoft.com") || dnsDomainIs(host, "windowsupdate.com") || dnsDomainIs(host, "eset.com") || dnsDomainIs(host, "mcafee.com") // McAfee || dnsDomainIs(host, "siteadvisor.com") // McAfee || dnsDomainIs(host, "hackerwatch.com") // McAfee || dnsDomainIs(host, "hackerwatch.org") // McAfee || dnsDomainIs(host, "avg.com") || dnsDomainIs(host, "grisoft.cz") || dnsDomainIs(host, "avgfree.com") || dnsDomainIs(host, "avg.cz") || dnsDomainIs(host, "symantecliveupdate.com") || dnsDomainIs(host, "thawte.com")) { return "DIRECT"; } if (isHttps) // Skip HTTPS { return "DIRECT"; } // Otherwise, go through our proxy or if it fails, through bypass return "PROXY 192.168.0.1:3128; DIRECT"; }