Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Disk usage 80-95% and squid nearly 100% CPU

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    3 Posts 2 Posters 3.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      Nachtfalke
      last edited by

      Hi,

      my disk usage is very high between 80% and 95%
      Further the squid process is running with nearly 100% CPU

      [2.0-RC1][admin@pfsense2.hpa]/tmp(7): df -h
      Filesystem     Size    Used   Avail Capacity  Mounted on
      /dev/da0s1a     57G     45G    7.8G    85%    /
      devfs          1.0K    1.0K      0B   100%    /dev
      /dev/md0       3.6M     48K    3.3M     1%    /var/run
      devfs          1.0K    1.0K      0B   100%    /var/dhcpd/dev
      [2.0-RC1][admin@pfsense2.hpa]/tmp(8): top
      last pid: 24984;  load averages:  1.03,  0.96,  0.86                               up 0+00:37:24  22:28:22
      47 processes:  2 running, 45 sleeping
      CPU: 10.9% user,  0.0% nice, 15.1% system,  0.5% interrupt, 73.4% idle
      Mem: 114M Active, 3073M Inact, 557M Wired, 116M Cache, 416M Buf, 57M Free
      Swap: 8192M Total, 140K Used, 8192M Free
      
        PID USERNAME  THR PRI NICE   SIZE    RES STATE   C   TIME   WCPU COMMAND
      18878 proxy       1 118    0 41872K 25120K CPU0    0   2:49 98.68% squid
      36089 root        1  57    0   102M 17416K accept  2   0:05  0.00% php
      36122 root        1  76    0   102M 15728K accept  1   0:05  0.00% php
      48654 root        1  76    0   102M 18856K accept  1   0:01  0.00% php
      40927 root        1  76    0   102M 16004K accept  0   0:01  0.00% php
      33800 root        1  44    0 23716K  3616K kqread  1   0:01  0.00% lighttpd
      29263 root        1  44    0  5836K  1392K select  1   0:01  0.00% apinger
       5794 root        1  76   20  8292K  1400K wait    1   0:00  0.00% sh
      50802 dhcpd       1  44    0 10544K  6172K select  1   0:00  0.00% dhcpd
      35455 root        1  69    0   100M  8720K wait    2   0:00  0.00% php
      34342 root        1  76    0   100M  8788K wait    3   0:00  0.00% php
      36714 root        1  53    0   666M 13056K select  2   0:00  0.00% radiusd
      14438 root        1  76    0 19492K  1604K wait    3   0:00  0.00% login
       3963 root        1  44    0 26140K  3412K select  1   0:00  0.00% sshd
      59231 root        1  48    0  8292K  1352K wait    3   0:00  0.00% sh
      18351 root        1  44    0 11768K  2112K bpf     2   0:00  0.00% tcpdump
      36940 _ntp        1  44    0  5832K  1384K select  1   0:00  0.00% ntpd
      26859 root        1  44    0  8284K  2524K pause   1   0:00  0.00% tcsh
      28441 root        1  44    0  9364K  2224K CPU2    2   0:00  0.00% top
      13842 root        2  44    0  7084K  1252K nanslp  3   0:00  0.00% sshlockout_pf
      25914 root        1  44    0  9036K  1464K select  0   0:00  0.00% inetd
      22006 root        2  44    0  7084K  1256K nanslp  1   0:00  0.00% sshlockout_pf
      23832 root        2  44    0  7084K  1244K nanslp  1   0:00  0.00% sshlockout_pf
        249 root        1  64   20  8000K  1140K kqread  1   0:00  0.00% check_reload_status
      22046 root        1  76    0  8292K  1604K wait    1   0:00  0.00% sh
      52862 root        1  44    0  6996K  1516K select  2   0:00  0.00% syslogd
       6990 root        1  44    0  7980K  1428K nanslp  2   0:00  0.00% cron
      [2.0-RC1][admin@pfsense2.hpa]/tmp(9):
      
      

      A reboot of pfsense didn't solve. A complete uninstallation of squid and a reboot didn't solve it.
      This is my squid.conf

      # Do not edit manually !
      http_port 172.17.0.1:3128
      http_port 127.0.0.1:80 transparent
      icp_port 0
      
      pid_filename /var/run/squid.pid
      cache_effective_user proxy
      cache_effective_group proxy
      error_directory /usr/local/etc/squid/errors/German
      icon_directory /usr/local/etc/squid/icons
      visible_hostname hpa
      cache_mgr rbs.hpa@polizei.hessen.de
      access_log /dev/null
      cache_log /var/squid/log/cache.log
      cache_store_log none
      logfile_rotate 1
      shutdown_lifetime 3 seconds
      # Allow local network(s) on interface(s)
      acl localnet src  172.17.0.0/255.255.252.0
      httpd_suppress_version_string on
      uri_whitespace encode
      
      cache_mem 1024 MB
      maximum_object_size_in_memory 512 KB
      memory_replacement_policy heap LFUDA
      cache_replacement_policy heap LFUDA
      cache_dir ufs /var/squid/cache 10240 128 256
      minimum_object_size 0 KB
      maximum_object_size 204800 KB
      offline_mode off
      cache_swap_low 80
      cache_swap_high 90
      
      # No redirector configured
      
      # Setup some default acls
      acl all src 0.0.0.0/0.0.0.0
      acl localhost src 127.0.0.1/255.255.255.255
      acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
      acl sslports port 443 563
      acl manager proto cache_object
      acl purge method PURGE
      acl connect method CONNECT
      acl dynamic urlpath_regex cgi-bin \?
      cache deny dynamic
      http_access allow manager localhost
      
      # Allow external cache managers
      acl ext_manager_1 src 172.17.0.1
      http_access allow manager ext_manager_1
      
      http_access deny manager
      http_access allow purge localhost
      http_access deny purge
      http_access deny !safeports
      http_access deny CONNECT !sslports
      
      # Always allow localhost connections
      http_access allow localhost
      
      request_body_max_size 0 KB
      reply_body_max_size 0 deny all
      delay_pools 1
      delay_class 1 2
      delay_parameters 1 -1/-1 -1/-1
      delay_initial_bucket_level 100
      delay_access 1 allow all
      
      # Setup allowed acls
      # Allow local network(s) on interface(s)
      http_access allow localnet
      # Custom options
      refresh_pattern -i .*adobe\.com/.*\.(exe|msi) 4320 100% 43200 reload-into-ims
      refresh_pattern -i .*apple\.com/.*\.(pkg|dmg) 8640 100% 86400 reload-into-ims
      refresh_pattern -i .*microsoft\.com/.*\.(cab|exe|msi|msp) 8640 100% 86400 reload-into-ims
      refresh_pattern -i .*windowsupdate\.com/.*\.(cab|exe|msi|msp) 8640 100% 86400 reload-into-ims
      refresh_pattern -i .*ubuntu\.com/.*\.(tar|bz|bz2|gpg|gz|zip|deb) 8640 100% 86400 reload-into-ims
      refresh_pattern -i ^ftp: 1440 20% 10080
      refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
      range_offset_limit -1
      
      # Default block all to be sure
      http_access deny all
      
      

      The other package is freeradius.

      Why is this happening ? Found some old threads where the conclusion was "an open file was deleted" or so on.
      How could I find out which file it is ?

      Thanks for your help.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Removing the squid package does not remove the squid cache directory. If you want to remove that, you have to manually do this:

        rm -rf /var/squid/
        

        Which will delete all of the logs, cache, etc.

        If you want to track down what is using the space, use the "du" command, like so:

        du -kd 1 /
        

        And then see which one is using the most space, go in there, and repeat that command until you find it. You can use du without the "-d 1" to get a complete output, but it can be harder to sort through and interpret the whole thing instead of doing it level by level.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • N
          Nachtfalke
          last edited by

          Thanks for your feedback. I will try this in the future if the problem occures again.
          But for now I did a complete reinstallation because in the past I installed and reinstalled many package and so on and I think its good to know to have a clean system and a clean config.xml file to work with ;-)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.