Squid - Purge Cache fails
-
PF 1.2.3
Squid 2.7.9_4I'm attempting to remove a website from our cache after adding rules to keep it from getting cached further.
So I tried:
squidclient -m purge http://website.to.exclude/
which resulted in:
client: ERROR: Cannot connect to localhost:3128: Operation timed out
What am I missing?
Here's my squid.conf:
Do not edit manually !
http_port 10.4.1.254:3128
icp_port 0pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_directory /usr/local/etc/squid/errors/English
icon_directory /usr/local/etc/squid/icons
visible_hostname gateway.agrisolutions.com
cache_mgr techsupport@agrisolutions.com
access_log /var/squid/log/access.log
cache_log /var/squid/log/cache.log
cache_store_log none
logfile_rotate 30
shutdown_lifetime 3 secondsAllow local network(s) on interface(s)
acl localnet src 10.4.0.0/255.255.0.0
uri_whitespace stripcache_mem 64 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_dir aufs /var/squid/cache 10000 16 256
minimum_object_size 0 KB
maximum_object_size 256000 KB
offline_mode off
cache_swap_low 90
cache_swap_high 95No redirector configured
Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 1443 3128 1025-65535
acl sslports port 443 563 1443
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin ?
cache deny dynamic
http_access allow manager localhostAllow external cache managers
acl ext_manager_1 src 10.4.1.254
http_access allow manager ext_manager_1http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslportsAlways allow localhost connections
http_access allow localhost
quick_abort_min -1 KB
quick_abort_max 20000 KB
request_body_max_size 0 KB
reply_body_max_size 0 allow all
delay_pools 1
delay_class 1 2
delay_parameters 1 1228800/1228800 -1/-1
delay_initial_bucket_level 100Throttle extensions matched in the url
acl throttle_exts urlpath_regex -i "/var/squid/acl/throttle_exts.acl"
delay_access 1 allow throttle_exts
delay_access 1 deny allSetup allowed acls
Allow local network(s) on interface(s)
http_access allow localnet
Custom options
refresh_pattern windowsupdate.com/..(cab|exe) 4320 100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/..(cab|exe) 4320 100% 43200 reload-into-ims
refresh_pattern au.download.windowsupdate.com/.*.(cab|exe) 4320 100% 43200 reload-into-imsDefault block all to be sure
http_access deny all
-
asiTechsupport,
pfSense-1.2.3-RELEASE
squid 2781
squidGuard 1303I needed to remove one squid cached entry same as you, As I modified one of our webserver's mainpage ,and needed to have the client machines see the new changes.
Bottom line I am running into the exact same error as you are getting. I even designated port number and still get timed out.
Sidenote: With a few different extra parameters added to squidclient ,one time it appeared squidclient was trying to actually remove the web page on the actual server (not squid cache) ?…:(.squidclient -m PURGE -p 8080 http://my.web.address
" Could not connect to localhost:8080 Operation timed out...
This is ssh'd into the pfSense machine.
Take Care,
Barry -
-
wagonza,
I tried you suggestion. It appears squidclient at least now is going to try and delete/purge the cached object.
I now get 405 access denied.
I think i need to add an acl to squid of ip.ad.dress in the acl section,along with the already existing 127.0.0.1 entry.Thanks,
Barry -
Correct - you need to setup a Cache Manager password and the relevant ACL's.
Have a look at http://wiki.squid-cache.org/SquidFaq/CacheManager#Cache_manager_access_from_squidclient for details on how to setup the Cache Manager ACLs.