Squid 3 (3.1.20 pkg 2.0.6) on 2.1 (x64 -8-16-13) does not cache anything

2.1 Snapshot Feedback and Problems - RETIRED
Log in to reply
  • P

    Hi all,

    Been hitting my head against the keyboard on this one. I got Squid 3 (3.1.20 pkg 2.0.6) up and running with SqidGuard ( 1.4_4 pkg v.1.9.5) and HAVP (0.91_1 pkg v1.01) on a clean install of the x64 -8-16-13 build. Ads and other undesirable sites are being blocked successfully, and the proxy is passing traffic without a problem.

    Issue is that according to LightSquid, there is zero caching going on…

    Any ideas why?

    Here is the config file from Squid:

    # This file is automatically generated by pfSense
# Do not edit manually !
http_port x.x.x.x:3128
http_port 127.0.0.1:3128 intercept
icp_port 7
dns_v4_first on
pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
error_default_language en
icon_directory /usr/pbi/squid-amd64/etc/squid/icons
visible_hostname pfS
cache_mgr fjrv@outlook.com
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
sslcrtd_children 0
logfile_rotate 90
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  x.x.x.0/24
uri_whitespace strip

# Break HTTP standard for flash videos. Keep them in cache even if asked not to.
refresh_pattern -i .flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private

# Let the clients favorite video site through with full caching
acl youtube dstdomain .youtube.com
cache allow youtube

# Windows Update refresh_pattern
range_offset_limit -1
refresh_pattern -i microsoft.com/.*.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i my.windowsupdate.website.com/.*.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims

# Avast refresh_pattern
range_offset_limit -1
refresh_pattern avast.com/.*.(vpu|cab|stamp|exe) 10080 100% 43200 reload-into-ims
cache_mem 4096 MB
maximum_object_size_in_memory 1024 KB
memory_replacement_policy heap LRU
cache_replacement_policy heap GDSF
cache_dir aufs /var/squid/cache 160000 32 256
minimum_object_size 0 KB
maximum_object_size 10485760 KB
offline_mode offcache_swap_low 90
cache_swap_high 95

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:    1440  20%  10080
refresh_pattern ^gopher:  1440  0%  1440
refresh_pattern -i (/cgi-bin/|?) 0  0%  0
refresh_pattern .    0  20%  4320
# No redirector configured

#Remote proxies

# Setup some default acls
acl allsrc src all
acl localhost src 127.0.0.1/32
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535 
acl sslports port 443 563  
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT

# Define protocols used for redirects
acl HTTP proto HTTP
acl HTTPS proto HTTPS

acl whitelist dstdom_regex -i '/var/squid/acl/whitelist.acl'
acl blacklist dstdom_regex -i '/var/squid/acl/blacklist.acl'
http_access allow manager localhost

# Allow external cache managers
acl ext_manager src 127.0.0.1
acl ext_manager src x.x.x.x
http_access allow manager ext_manager

http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safeports
http_access deny CONNECT !sslports

# Always allow localhost connections
http_access allow localhost

quick_abort_min 10240 KB
quick_abort_max 0 KB
quick_abort_pct 50
request_body_max_size 0 KB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
# Throttle extensions matched in the url
acl throttle_exts urlpath_regex -i '/var/squid/acl/throttle_exts.acl'
delay_access 1 allow throttle_exts
delay_access 1 deny allsrc

# Reverse Proxy settings

# Package Integration
never_direct allow all
cache_peer 127.0.0.1 parent 3125 0 name=havp no-query no-digest no-netdb-exchange default

redirect_program /usr/pbi/squidguard-squid3-amd64/bin/squidGuard -c /usr/pbi/squidguard-squid3-amd64/etc/squidGuard/squidGuard.conf
redirector_bypass off
url_rewrite_children 5

# Custom options
redirect_children 20

# Always allow access to whitelist domains
http_access allow whitelist
# Block access to blacklist domains
http_access deny blacklist
# Setup allowed acls
# Allow local network(s) on interface(s)
http_access allow localnet
# Default block all to be sure
http_access deny allsrc

    Any help greatly appreciated!

    Thanks!

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy