Squid - Purge Cache fails
I'm attempting to remove a website from our cache after adding rules to keep it from getting cached further.
So I tried:
squidclient -m purge http://website.to.exclude/
which resulted in:
client: ERROR: Cannot connect to localhost:3128: Operation timed out
What am I missing?
Here's my squid.conf:
shutdown_lifetime 3 seconds
acl localnet src 10.4.0.0/255.255.0.0
cache_mem 64 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /var/squid/cache 10000 16 256
minimum_object_size 0 KB
maximum_object_size 256000 KB
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 1443 3128 1025-65535
acl sslports port 443 563 1443
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin ?
cache deny dynamic
http_access allow manager localhost
acl ext_manager_1 src 10.4.1.254
http_access allow manager ext_manager_1
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports
http_access allow localhost
quick_abort_min -1 KB
quick_abort_max 20000 KB
request_body_max_size 0 KB
reply_body_max_size 0 allow all
delay_class 1 2
delay_parameters 1 1228800/1228800 -1/-1
acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny all
http_access allow localnet
refresh_pattern windowsupdate.com/..(cab|exe) 4320 100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/..(cab|exe) 4320 100% 43200 reload-into-ims
refresh_pattern au.download.windowsupdate.com/.*.(cab|exe) 4320 100% 43200 reload-into-ims
http_access deny all
I needed to remove one squid cached entry same as you, As I modified one of our webserver's mainpage ,and needed to have the client machines see the new changes.
Bottom line I am running into the exact same error as you are getting. I even designated port number and still get timed out.
Sidenote: With a few different extra parameters added to squidclient ,one time it appeared squidclient was trying to actually remove the web page on the actual server (not squid cache) ?…:(.
squidclient -m PURGE -p 8080 http://my.web.address
" Could not connect to localhost:8080 Operation timed out...
This is ssh'd into the pfSense machine.
Your squid isn't listening on localhost but only 10.4.1.254, so try squidclient -h 10.4.1.254 -m purge http://website.to.exclude/
I tried you suggestion. It appears squidclient at least now is going to try and delete/purge the cached object.
I now get 405 access denied.
I think i need to add an acl to squid of ip.ad.dress in the acl section,along with the already existing 127.0.0.1 entry.
Correct - you need to setup a Cache Manager password and the relevant ACL's.
Have a look at http://wiki.squid-cache.org/SquidFaq/CacheManager#Cache_manager_access_from_squidclient for details on how to setup the Cache Manager ACLs.