Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid 3 (3.1.20 pkg 2.0.6) on 2.1 (x64 -8-16-13) does not cache anything

    Scheduled Pinned Locked Moved 2.1 Snapshot Feedback and Problems - RETIRED
    1 Posts 1 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Pistolero
      last edited by

      Hi all,

      Been hitting my head against the keyboard on this one. I got Squid 3 (3.1.20 pkg 2.0.6) up and running with SqidGuard ( 1.4_4 pkg v.1.9.5) and HAVP (0.91_1 pkg v1.01) on a clean install of the x64 -8-16-13 build. Ads and other undesirable sites are being blocked successfully, and the proxy is passing traffic without a problem.

      Issue is that according to LightSquid, there is zero caching going on…

      Any ideas why?

      Here is the config file from Squid:

      # This file is automatically generated by pfSense
# Do not edit manually !
http_port x.x.x.x:3128
http_port 127.0.0.1:3128 intercept
icp_port 7
dns_v4_first on
pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_default_language en
icon_directory /usr/pbi/squid-amd64/etc/squid/icons
visible_hostname pfS
cache_mgr fjrv@outlook.com
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
sslcrtd_children 0
logfile_rotate 90
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  x.x.x.0/24
uri_whitespace strip

# Break HTTP standard for flash videos. Keep them in cache even if asked not to.
refresh_pattern -i .flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private

# Let the clients favorite video site through with full caching
acl youtube dstdomain .youtube.com
cache allow youtube

# Windows Update refresh_pattern
range_offset_limit -1
refresh_pattern -i microsoft.com/.*.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i my.windowsupdate.website.com/.*.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims

# Avast refresh_pattern
range_offset_limit -1
refresh_pattern avast.com/.*.(vpu|cab|stamp|exe) 10080 100% 43200 reload-into-ims
cache_mem 4096 MB
maximum_object_size_in_memory 1024 KB
memory_replacement_policy heap LRU
cache_replacement_policy heap GDSF
cache_dir aufs /var/squid/cache 160000 32 256
minimum_object_size 0 KB
maximum_object_size 10485760 KB
offline_mode offcache_swap_low 90
cache_swap_high 95

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:    1440  20%  10080
refresh_pattern ^gopher:  1440  0%  1440
refresh_pattern -i (/cgi-bin/|?) 0  0%  0
refresh_pattern .    0  20%  4320
# No redirector configured

#Remote proxies

# Setup some default acls
acl allsrc src all
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535 
acl sslports port 443 563  
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT

# Define protocols used for redirects
acl HTTP proto HTTP
acl HTTPS proto HTTPS

acl whitelist dstdom_regex -i '/var/squid/acl/whitelist.acl'
acl blacklist dstdom_regex -i '/var/squid/acl/blacklist.acl'
http_access allow manager localhost

# Allow external cache managers
acl ext_manager src 127.0.0.1
acl ext_manager src x.x.x.x
http_access allow manager ext_manager

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

quick_abort_min 10240 KB
quick_abort_max 0 KB
quick_abort_pct 50
request_body_max_size 0 KB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
# Throttle extensions matched in the url
acl throttle_exts urlpath_regex -i '/var/squid/acl/throttle_exts.acl'
delay_access 1 allow throttle_exts
delay_access 1 deny allsrc

# Reverse Proxy settings

# Package Integration
never_direct allow all
cache_peer 127.0.0.1 parent 3125 0 name=havp no-query no-digest no-netdb-exchange default

redirect_program /usr/pbi/squidguard-squid3-amd64/bin/squidGuard -c /usr/pbi/squidguard-squid3-amd64/etc/squidGuard/squidGuard.conf
redirector_bypass off
url_rewrite_children 5

# Custom options
redirect_children 20

# Always allow access to whitelist domains
http_access allow whitelist
# Block access to blacklist domains
http_access deny blacklist
# Setup allowed acls
# Allow local network(s) on interface(s)
http_access allow localnet
# Default block all to be sure
http_access deny allsrc

      Any help greatly appreciated!

      Thanks!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.