4. Problema SQUID Select loop Error. Retry 1

Problema SQUID Select loop Error. Retry 1

  • S

    Estou com problemas no meu Squid, a cada hora religiosamente ele reinicia e aparece a mensagem:

    18.05.2016 09:02:43 Starting new ntlmauthenticator helpers…
    18.05.2016 09:02:43 Select loop Error. Retry 1
    18.05.2016 08:45:27 Starting new ntlmauthenticator helpers…
    18.05.2016 08:45:26 Starting new ntlmauthenticator helpers...

    Meu Squid.conf
    logfile_rotate 7
    debug_options rotate=7
    shutdown_lifetime 3 seconds

    Allow local network(s) on interface(s)

    acl localnet src  10.98.0.0/21 127.0.0.0/8
    forwarded_for on
    uri_whitespace strip
    dns_nameservers 8.8.8.8 177.66.192.4
    refresh_pattern -i http..gov.br/.        720 100%  7200 reload-into-ims
    refresh_pattern -i http..globo.com/.    720 100%  7200 reload-into-ims
    refresh_pattern -i http..terra.com.br/.  720 100%  7200 reload-into-ims
    refresh_pattern -i http..google./.*      720 100% 10080 reload-into-ims
    refresh_pattern -i http..msn./.*        720 100% 10080 reload-into-ims
    refresh_pattern -i http..uol.com./.*    720 100% 10080 reload-into-ims
    refresh_pattern -i http..bol.com./.*    720 100% 10080 reload-into-ims

    cache_mem 24530 MB
    maximum_object_size_in_memory 1024 KB
    memory_replacement_policy heap GDSF
    cache_replacement_policy heap LFUDA
    minimum_object_size 0 KB
    maximum_object_size 500 MB
    cache_dir diskd /var/squid/cache 40960 16 256
    offline_mode off
    cache_swap_low 90
    cache_swap_high 95
    cache allow all

    Add any of your own refresh_pattern entries above these.

    refresh_pattern ^ftp:    1440  20%  10080
    refresh_pattern ^gopher:  1440  0%  1440
    refresh_pattern -i (/cgi-bin/|?) 0  0%  0
    refresh_pattern .    0  20%  4320

    #Remote proxies

    Setup some default acls

    From 3.2 further configuration cleanups have been done to make things easier and safer. The manager, localhost, and to_localhost ACL definitions are now built-in.

    acl localhost src 127.0.0.1/32

    acl allsrc src all
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3129 3129 1025-65535 143 587 993
    acl sslports port 443 563  587

    From 3.2 further configuration cleanups have been done to make things easier and safer. The manager, localhost, and to_localhost ACL definitions are now built-in.

    #acl manager proto cache_object

    acl purge method PURGE
    acl connect method CONNECT

    Define protocols used for redirects

    acl HTTP proto HTTP
    acl HTTPS proto HTTPS
    acl whitelist dstdom_regex -i '/var/squid/acl/whitelist.acl'
    acl blacklist dstdom_regex -i '/var/squid/acl/blacklist.acl'
    http_access allow manager localhost

    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !safeports
    http_access deny CONNECT !sslports

    Always allow localhost connections

    From 3.2 further configuration cleanups have been done to make things easier and safer.

    The manager, localhost, and to_localhost ACL definitions are now built-in.

    http_access allow localhost

    quick_abort_min 0 KB
    quick_abort_max 0 KB
    request_body_max_size 15360 KB
    reply_body_max_size 35840 KB allsrc
    delay_pools 1
    delay_class 1 2
    delay_parameters 1 -1/-1 -1/-1
    delay_initial_bucket_level 50

    Throttle extensions matched in the url

    acl throttle_exts urlpath_regex -i '/var/squid/acl/throttle_exts.acl'
    delay_access 1 allow throttle_exts
    delay_access 1 deny allsrc

    Reverse Proxy settings

    Package Integration

    url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf
    url_rewrite_bypass off
    url_rewrite_children 50 startup=8 idle=4 concurrency=0

    Custom options before auth

    Always allow access to whitelist domains

    http_access allow whitelist

    Block access to blacklist domains

    http_access deny blacklist
    acl sglog url_regex -i sgr=ACCESSDENIED
    auth_param ntlm program /usr/local/libexec/squid/ntlm_auth --domain=xxxx.br --helper-protocol=squid-2.5-ntlmssp
    auth_param ntlm children 100
    auth_param ntlm keep_alive off
    auth_param basic program /usr/local/libexec/squid/ntlm_auth --helper-protocol=squid-2.5-basic
    auth_param basic children 5
    auth_param basic realm DIGITE SEU USUARIO E SENHA PARA LIBERAR O ACESSO
    auth_param basic credentialsttl 5 minutes
    acl password proxy_auth REQUIRED

    Custom options after auth

    http_access deny password sglog
    http_access allow password localnet

    Default block all to be sure

    http_access deny allsrc

    icap_enable on
    icap_send_client_ip on
    icap_send_client_username on
    icap_client_username_encode off
    icap_client_username_header X-Authenticated-User
    icap_preview_enable on
    icap_preview_size 1024

    icap_service service_avi_req reqmod_precache icap://127.0.0.1:1344/squid_clamav bypass=off
    adaptation_access service_avi_req allow all
    icap_service service_avi_resp respmod_precache icap://127.0.0.1:1344/squid_clamav bypass=on
    adaptation_access service_avi_resp allow all

    1
  • A

    Alguém conseguiu resolver esse erro? Também estou passando por ele!

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy