Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Erro no Squid - the cache administrador does not allow this cache to make direct

    Scheduled Pinned Locked Moved Portuguese
    3 Posts 2 Posters 612 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gugahb
      last edited by

      Boa tarde Galera, podem me ajudar com uma coisa, ativei o squid e ele monitorou tranquilamente, mas depois de um tempo ele deu esse erro:

      the cache administrador does not allow this cache to make direct connections to origin servers
      all configured parent caches are currently unreachable

      Já procurei em todos lugares o que pode ser, não consegui achar, já até liberei umas portas no firewall para ver se seria isso, mas não consegui identificar.

      Obrigado pela ajuda, estou mandando um print do erro.

      Obs: o facebook ele continuou acessando normalmente.

      ![Foto 17-07-15 18 03 10.jpg](/public/imported_attachments/1/Foto 17-07-15 18 03 10.jpg)
      ![Foto 17-07-15 18 03 10.jpg_thumb](/public/imported_attachments/1/Foto 17-07-15 18 03 10.jpg_thumb)

      1 Reply Last reply Reply Quote 0
      • T
        tomaswaldow
        last edited by

        Deve ter algum erro e configuração do squid.
        Coloque as configurações.

        Tomas @ 2W Consultoria

        1 Reply Last reply Reply Quote 0
        • G
          gugahb
          last edited by

          Segue abaixo:

          squid.inc

          /* $Id$ */
          /*
                  squid.inc
                  Copyright (C) 2006-2009 Scott Ullrich
                  Copyright (C) 2006 Fernando Lemos
                  Copyright (C) 2008 Martin Fuchs
                  All rights reserved.
          
                  Redistribution and use in source and binary forms, with or without
                  modification, are permitted provided that the following conditions are met:
          
                  1\. Redistributions of source code must retain the above copyright notice,
                     this list of conditions and the following disclaimer.
          
                  2\. Redistributions in binary form must reproduce the above copyright
                     notice, this list of conditions and the following disclaimer in the
                     documentation and/or other materials provided with the distribution.
          
                  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
                  INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
                  OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
                  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
                  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
                  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
                  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
                  POSSIBILITY OF SUCH DAMAGE.
          */
          
          require_once('globals.inc');
          require_once('config.inc');
          require_once('util.inc');
          require_once('pfsense-utils.inc');
          require_once('pkg-utils.inc');
          require_once('service-utils.inc');
          
          if(!function_exists("filter_configure"))
                  require_once("filter.inc");
          
          $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
          if ($pf_version > 2.0)
                  define('SQUID_LOCALBASE', '/usr/pbi/squid-' . php_uname("m"));
          else
            define('SQUID_LOCALBASE','/usr/local');
          
          define('SQUID_CONFBASE',SQUID_LOCALBASE . '/etc/squid');
          define('SQUID_BASE', '/var/squid/');
          define('SQUID_ACLDIR', '/var/squid/acl');
          define('SQUID_PASSWD', '/var/etc/squid.passwd');
          
          $valid_acls = array();
          
          function squid_get_real_interface_address($iface) {
                  global $config;
          
                  $iface = convert_friendly_interface_to_real_interface_name($iface);
                  $line = trim(shell_exec("ifconfig $iface | grep inet | grep -v inet6"));
                  list($dummy, $ip, $dummy2, $netmask) = explode(" ", $line);
          
                  return array($ip, long2ip(hexdec($netmask)));
          }
          
          function squid_chown_recursive($dir, $user, $group) {
                  chown($dir, $user);
                  chgrp($dir, $group);
                  $handle = opendir($dir) ;
                  while (($item = readdir($handle)) !== false) {
                          if (($item != ".") && ($item != "..")) {
                                  $path = "$dir/$item";
                                  // Recurse unless it's the cache dir, that is slow and rarely necessary.
                                  if (is_dir($path) && (basename($dir) != "cache"))
                                          squid_chown_recursive($path, $user, $group);
                                  elseif (is_file($path)) {
                                          chown($path, $user);
                                          chgrp($path, $group);
                                  }
                          }
                  }
          }
          
          /* setup cache */
          function squid_dash_z() {
                  global $config;
                  $settings = $config['installedpackages']['squidcache']['config'][0];
          
                  // If the cache system is null, there is no need to initialize the (irrelevant) cache dir.
                  if ($settings['harddisk_cache_system'] == "null")
                          return;
          
                  $cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache');
          
                  if(!is_dir($cachedir.'/')) {
                          log_error("Creating Squid cache dir $cachedir");
                          @mkdir($cachedir, 0755, true);
                          // Double check permissions here, should be safe to recurse cache dir if it's small here.
                          mwexec("/usr/sbin/chown -R proxy:proxy $cachedir");
                  }
          
                  if(!is_dir($cachedir.'/00/')) {
                          log_error("Creating squid cache subdirs in $cachedir");
                          mwexec(SQUID_LOCALBASE . "/sbin/squid -k shutdown");
                          sleep(5);
                          mwexec(SQUID_LOCALBASE . "/sbin/squid -k kill");
                          // Double check permissions here, should be safe to recurse cache dir if it's small here.
                          mwexec("/usr/sbin/chown -R proxy:proxy $cachedir");
                          mwexec(SQUID_LOCALBASE . "/sbin/squid -z");
                  }
          
                  if(file_exists("/var/squid/cache/swap.state")) {
                          chown("/var/squid/cache/swap.state", "proxy");
                          chgrp("/var/squid/cache/swap.state", "proxy");
                          exec("chmod a+rw /var/squid/cache/swap.state");
                  }
          
          }
          
          function squid_is_valid_acl($acl) {
                  global $valid_acls;
                  if(!is_array($valid_acls))
                          return;
                  return in_array($acl, $valid_acls);
          }
          
          function squid_install_command() {
                  global $config;
                  global $g;
                  /* migrate existing csv config fields */
                  $settingsauth = $config['installedpackages']['squidauth']['config'][0];
                  $settingscache = $config['installedpackages']['squidcache']['config'][0];
                  $settingsnac = $config['installedpackages']['squidnac']['config'][0];
          
          [s]        /* Set storage system */
                  if ($g['platform'] == "nanobsd") {
                          $config['installedpackages']['squidcache']['config'][0]['harddisk_cache_system'] = 'null';
                  }
          
                  /* migrate auth settings */
                                  $settingsauth['no_auth_hosts'] = base64_encode(implode("\n", explode(",", $settingsauth['no_auth_hosts'])));
                                  $config['installedpackages']['squidauth']['config'][0]['no_auth_hosts'] = $settingsauth['no_auth_hosts'];
                          }
                  }
          
                  /* migrate cache settings */
                  if (!empty($settingscache['donotcache'])) {
                          if(strstr($settingscache['donotcache'], ",")) {
                                  $settingscache['donotcache'] = base64_encode(implode("\n", explode(",", $settingscache['donotcache'])));
                                  $config['installedpackages']['squidcache']['config'][0]['donotcache'] = $settingscache['donotcache'];
                          }
                  /* migrate nac settings */
                  if(! empty($settingsnac['allowed_subnets'])) {
                          if(strstr($settingsnac['allowed_subnets'], ",")) {
                                  $settingsnac['allowed_subnets'] = base64_encode(implode("\n", explode(",", $settingsnac['allowed_subnets'])));
                                  $config['installedpackages']['squidnac']['config'][0]['allowed_subnets'] = $settingsnac['allowed_subnets'];
                          }
                  }
          
                  if(! empty($settingsnac['banned_hosts'])) {
                          if(strstr($settingsnac['banned_hosts'], ",")) {
                                  $settingsnac['banned_hosts'] = base64_encode(implode("\n", explode(",", $settingsnac['banned_hosts'])));
                  }
          
                  if(! empty($settingsnac['banned_macs'])) {
                          if(strstr($settingsnac['banned_macs'], ",")) {
                                  $settingsnac['banned_macs'] = base64_encode(implode("\n", explode(",", $settingsnac['banned_macs'])));
                                  $config['installedpackages']['squidnac']['config'][0]['banned_macs'] = $settingsnac['banned_macs'];
                          }
                  }
          
                  if(! empty($settingsnac['unrestricted_hosts'])) {
                          if(strstr($settingsnac['unrestricted_hosts'], ",")) {
                                  $settingsnac['unrestricted_hosts'] = base64_encode(implode("\n", explode(",", $settingsnac['unrestricted_hosts'])));
                                  $config['installedpackages']['squidnac']['config'][0]['unrestricted_hosts'] = $settingsnac['unrestricted_hosts'];
                          }
                  }
          
                  if(! empty($settingsnac['unrestricted_macs'])) {
                          if(strstr($settingsnac['unrestricted_macs'], ",")) {
                                  $settingsnac['unrestricted_macs'] = base64_encode(implode("\n", explode(",", $settingsnac['unrestricted_macs'])));
                                  $config['installedpackages']['squidnac']['config'][0]['unrestricted_macs'] = $settingsnac['unrestricted_macs'];
                          }
                  }
          
                  if(! empty($settingsnac['whitelist'])) {
                          if(strstr($settingsnac['whitelist'], ",")) {
                                  $settingsnac['whitelist'] = base64_encode(implode("\n", explode(",", $settingsnac['whitelist'])));
                                  $config['installedpackages']['squidnac']['config'][0]['whitelist'] = $settingsnac['whitelist'];
                          }
                  }
          
                  if(! empty($settingsnac['blacklist'])) {
                          if(strstr($settingsnac['blacklist'], ",")) {
                                  $settingsnac['blacklist'] = base64_encode(implode("\n", explode(",", $settingsnac['blacklist'])));
                                  $config['installedpackages']['squidnac']['config'][0]['blacklist'] = $settingsnac['blacklist'];
                          }
                  }
          
                  write_config();
          
                  /* create cache */
                  update_status("Creating squid cache pools... One moment please...");
                  squid_dash_z();
                  /* make sure pinger is executable */
                  if(file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger"))
                          exec("/bin/chmod a+x " . SQUID_LOCALBASE . "/libexec/squid/pinger");
                  if(file_exists(SQUID_LOCALBASE . "/etc/rc.d/squid"))
                          exec("/bin/rm " . SQUID_LOCALBASE . "/etc/rc.d/squid");
                  if(file_exists("/usr/local/pkg/swapstate_check.php"))
                          exec("/bin/chmod a+x /usr/local/pkg/swapstate_check.php");
          
                  foreach (array( SQUID_CONFBASE,
                          @mkdir($dir, 0755, true);
                          squid_chown_recursive($dir, 'proxy', 'proxy');
                  }
          Message from syslogd@pfSense at Jul 21 20:31:26 ...
          pfSense php-fpm[93869]: /index.php: Successful login for user 'jpsinieghi' from: 12.8.0.15
          
                  /* kill any running proxy alarm scripts */
                  update_status("Checking for running processes... One moment please...");
                  log_error("Stopping any running proxy monitors");
                  mwexec("/usr/local/etc/rc.d/sqp_monitor.sh stop");
                  sleep(1);
          
                  if (!file_exists(SQUID_CONFBASE . '/mime.conf') && file_exists(SQUID_CONFBASE . '/mime.conf.default'))
                          copy(SQUID_CONFBASE . '/mime.conf.default', SQUID_CONFBASE . '/mime.conf');
          
                  update_status("Checking cache... One moment please...");
                  squid_dash_z();
          
                  if (!is_service_running('squid')) {
                          update_status("Starting... One moment please...");
                          log_error("Starting Squid");
                          mwexec_bg(SQUID_LOCALBASE . "/sbin/squid -D");
                  } else {
                          update_status("Reloading Squid for configuration sync... One moment please...");
                          log_error("Reloading Squid for configuration sync");
                          mwexec(SQUID_LOCALBASE . "/sbin/squid -k reconfigure");
                  }
          
                  /* restart proxy alarm scripts */
          
                  update_status("Reconfiguring filter... One moment please...");
                  filter_configure();
                                  break;
                  }
          
                  return $rules;
          }
          
          function squid_write_rcfile() {
                  $rc = array();
                  $SQUID_LOCALBASE = SQUID_LOCALBASE;
                  $rc['file'] = 'squid.sh';
                  $rc['start'] = <<<eod<br>if [ -z "`ps auxw | grep "[s]quid -D"|awk '{print $2}'`" ];then
                  {$SQUID_LOCALBASE}/sbin/squid -D
          fi
          
          EOD;
                  $rc['stop'] = <<<eod<br>{$SQUID_LOCALBASE}/sbin/squid -k shutdown
          # Just to be sure...
          sleep 5
          killall -9 squid 2>/dev/null
          killall pinger 2>/dev/null
          
          EOD;
                  $rc['restart'] = <<<eod<br>if [ -z "`ps auxw | grep "[s]quid -D"|awk '{print $2}'`" ];then
                          {$SQUID_LOCALBASE}/sbin/squid -D
                  else
                          {$SQUID_LOCALBASE}/sbin/squid -k reconfigure
                  fi
          
          EOD;
                  conf_mount_rw();
                  write_rcfile($rc);
                  write_rcfile(array(
                          "file" => "sqp_monitor.sh",
                          "start" => "/usr/local/pkg/sqpmon.sh &",
                          "stop" => "ps awux | grep \"sqpmon\" | grep -v \"grep\" | grep -v \"php\" | awk '{ print $2 }' | xargs kill"));
                  conf_mount_ro();
          }
          ?>
          
          [b]squid.conf[/b]
          [code]# Do not edit manually !
          http_port 12.10.0.5:3128
          http_port 12.8.0.5:3128
          http_port 127.0.0.1:3128 transparent
          icp_port 0
          
          pid_filename /var/run/squid.pid
          cache_effective_user proxy
          cache_effective_group proxy
          error_directory /usr/pbi/squid-amd64/etc/squid/errors/English
          icon_directory /usr/pbi/squid-amd64/etc/squid/icons
          visible_hostname localhost
          cache_mgr gustavo@comunidadecn.com
          access_log /var/squid/logs/access.log
          cache_log /var/squid/logs/cache.log
          cache_store_log none
          logfile_rotate 60
          shutdown_lifetime 3 seconds
          httpd_suppress_version_string on
          uri_whitespace strip
          
          cache_mem 64 MB
          maximum_object_size_in_memory 32 KB
          memory_replacement_policy heap GDSF
          cache_replacement_policy heap LFUDA
          cache_dir ufs /var/squid/cache 1024 16 256
          minimum_object_size 0 KB
          maximum_object_size 4 KB
          offline_mode off
          cache_swap_low 90
          cache_swap_high 95
          
          # No redirector configured
          
          # Setup some default acls
          acl all src 0.0.0.0/0.0.0.0
          acl localhost src 127.0.0.1/255.255.255.255
          acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
          acl sslports port 443 563
          acl manager proto cache_object
          acl purge method PURGE
          acl connect method CONNECT
          acl dynamic urlpath_regex cgi-bin \?
          acl allowed_subnets src 12.10.0.0/23 12.8.0.0/22
          cache deny dynamic
          http_access allow manager localhost
          
          # Allow external cache managers
          acl ext_manager_1 src 127.0.0.1
          http_access allow manager ext_manager_1
          acl ext_manager_2 src 12.10.0.5
          http_access allow manager ext_manager_2
          acl ext_manager_3 src 12.8.0.5
          http_access allow manager ext_manager_3
          
          http_access deny manager
          http_access allow purge localhost
          http_access deny purge
          http_access deny !safeports
          http_access deny CONNECT !sslports
          
          # Always allow localhost connections
          http_access allow localhost
          
          request_body_max_size 0 KB
          reply_body_max_size 0 deny all
          delay_pools 1
          delay_class 1 2
          delay_parameters 1 -1/-1 -1/-1
          delay_initial_bucket_level 100
          delay_access 1 allow all
          
          # Setup allowed acls
          http_access allow allowed_subnets
          # Default block all to be sure
          http_access deny all
          [/code][/s]</eod<br></eod<br></eod<br>
          
          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.