URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID1
Нить номер: 88547
[ Назад ]

Исходное сообщение
"не решена проблема по squid. Выложены логи"

Отправлено kozyr76 , 29-Мрт-10 13:21 
Прошу помочь решить проблему по squid, описанная в предыдущем вопросе.

var/log/squid/squid/cache.log

2010/03/29 12:07:34| Squid Cache (Version 3.0.STABLE20): Exiting normally.
2010/03/29 12:07:36| Starting Squid Cache version 3.0.STABLE20 for x86_64-redhat-linux-gnu...
2010/03/29 12:07:36| Process ID 2361
2010/03/29 12:07:36| With 1024 file descriptors available
2010/03/29 12:07:36| DNS Socket created at 0.0.0.0, port 35802, FD 7
2010/03/29 12:07:36| Adding nameserver 195.5.29.2 from /etc/resolv.conf
2010/03/29 12:07:36| User-Agent logging is disabled.
2010/03/29 12:07:36| Referer logging is disabled.
2010/03/29 12:07:36| Unlinkd pipe opened on FD 11
2010/03/29 12:07:36| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2010/03/29 12:07:36| Swap maxSize 10240000 + 8192 KB, estimated 788322 objects
2010/03/29 12:07:36| Target number of buckets: 39416
2010/03/29 12:07:36| Using 65536 Store buckets
2010/03/29 12:07:36| Max Mem  size: 8192 KB
2010/03/29 12:07:36| Max Swap size: 10240000 KB
2010/03/29 12:07:36| Version 1 of swap file without LFS support detected...
2010/03/29 12:07:36| Rebuilding storage in /var/spool/squid (CLEAN)
2010/03/29 12:07:36| Using Least Load store dir selection
2010/03/29 12:07:36| Set Current Directory to /var/spool/squid
2010/03/29 12:07:36| Loaded Icons.
2010/03/29 12:07:36| Accepting  HTTP connections at 10.17.13.1, port 3128, FD 13.
2010/03/29 12:07:36| HTCP Disabled.
2010/03/29 12:07:36| Ready to serve requests.
2010/03/29 12:07:36| Done reading /var/spool/squid swaplog (0 entries)
2010/03/29 12:07:36| Finished rebuilding storage from disk.
2010/03/29 12:07:36|         0 Entries scanned
2010/03/29 12:07:36|         0 Invalid entries.
2010/03/29 12:07:36|         0 With invalid flags.
2010/03/29 12:07:36|         0 Objects loaded.
2010/03/29 12:07:36|         0 Objects expired.
2010/03/29 12:07:36|         0 Objects cancelled.
2010/03/29 12:07:36|         0 Duplicate URLs purged.
2010/03/29 12:07:36|         0 Swapfile clashes avoided.
2010/03/29 12:07:36|   Took 0.02 seconds (  0.00 objects/sec).
2010/03/29 12:07:36| Beginning Validation Procedure
2010/03/29 12:07:36|   Completed Validation Procedure
2010/03/29 12:07:36|   Validated 25 Entries
2010/03/29 12:07:36|   store_swap_size = 0
2010/03/29 12:07:37| storeLateRelease: released 0 objects
2010/03/29 12:09:06| Squid is already running!  Process ID 2361
2010/03/29 12:09:13| Squid is already running!  Process ID 2361
2010/03/29 12:12:46| Preparing for shutdown after 0 requests
2010/03/29 12:12:46| Waiting 30 seconds for active connections to finish
2010/03/29 12:12:46| FD 13 Closing HTTP connection
2010/03/29 12:13:17| Shutting down...
2010/03/29 12:13:17| Closing unlinkd pipe on FD 11
2010/03/29 12:13:17| storeDirWriteCleanLogs: Starting...
2010/03/29 12:13:17|   Finished.  Wrote 0 entries.
2010/03/29 12:13:17|   Took 0.00 seconds (  0.00 entries/sec).
CPU Usage: 0.292 seconds = 0.165 user + 0.127 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
        total space in arena:    3824 KB
        Ordinary blocks:         3706 KB      3 blks
        Small blocks:               0 KB      6 blks
        Holding blocks:          2500 KB     10 blks
        Free Small blocks:          0 KB
        Free Ordinary blocks:     117 KB
        Total in use:            6206 KB 162%
        Total free:               118 KB 3%


Содержание

Сообщения в этом обсуждении
"не решена проблема по squid. Выложены логи"
Отправлено PavelR , 29-Мрт-10 13:42 
>Прошу помочь решить проблему по squid, описанная в предыдущем вопросе.

Дык где вопрос-то ?


"не решена проблема по squid. Выложены логи"
Отправлено aaa , 29-Мрт-10 14:31 
iptables:
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j SNAT --to-source yyy.yyy.yyy.yyy
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type destination-unreachable -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p icmp -m icmp --icmp-type parameter-problem -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p icmp -m icmp --icmp-type source-quench -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -p icmp -m icmp --icmp-type destination-unreachable -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -p icmp -m icmp --icmp-type parameter-problem -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -p icmp -m icmp --icmp-type source-quench -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -i eth1 -j ACCEPT
-A FORWARD -o eth0 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
^^^^^^^^^^^^ -- Ваш конфиг иптаблес
А Вы открыть порт в иптаблесах для сквида не пробовали?

"не решена проблема по squid. Выложены логи"
Отправлено kozyr76 , 29-Мрт-10 16:43 
а как его здесь открыть в какой цепочке ?

"не решена проблема по squid. Выложены логи"
Отправлено Rusadmin , 31-Мрт-10 09:45 
>а как его здесь открыть в какой цепочке ?

Видно же что политика по умолчанию ACCEPT, тоесть у вас вообще ничего не зкакрыто, кроме ICMP. Кста, а где вопрос тО?