URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID12
Нить номер: 7016
[ Назад ]

Исходное сообщение
"Squid и блокировка stream в логах бардак("

Отправлено kolka88 , 07-Авг-13 14:34 
Доброго времени суток ув. Форумчане. Прошу вашей помощи так как погуглив так и не нашел нужной мне информации. Имеется прокси squid (Version 3.2.9) на freeBSD (9.0-RELEASE-p7) сервер настроен прозрачно в связке с Cisco 2911 по протоколу wccp. Все работает отлично, но в логах постоянный "срачЪ" типа такого:

2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'deny_rep_mime_flashvideo' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'deny_rep_mime_shockwave' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'fails' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'x-type2' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'fails' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'deny_rep_mime_flashvideo' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'deny_rep_mime_shockwave' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'fails' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'x-type2' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'fails' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'deny_rep_mime_flashvideo' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'deny_rep_mime_shockwave' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'fails' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'x-type2' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'fails' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.
2013/08/01 01:19:28 kid1| ACL::checklistMatches WARNING: 'torrent_mime' ACL is used but there is no HTTP reply -- not matching.

И идут постоянно, помогает только если закоментить в squid.conf эти правила. Соответственно кусок конфига относящиеся к нему:

acl fails rep_mime_type ^.*mms.*
acl fails rep_mime_type ^.*ms-hdr.*
acl fails rep_mime_type ^.*x-fcs.*
acl fails rep_mime_type ^.*x-ms-asf.*
acl fails2 urlpath_regex dvrplayer mediastream mms://
acl fails2 urlpath_regex .asf$ .afx$ .flv$ .swf$
acl deny_rep_mime_flashvideo rep_mime_type -i video/flv
acl deny_rep_mime_shockwave rep_mime_type -i ^application/x-shockwave-flash$
acl x-type req_mime_type -i ^application/octet-stream$
acl x-type req_mime_type -i application/octet-stream
acl x-type req_mime_type -i ^application/x-mplayer2$
acl x-type req_mime_type -i application/x-mplayer2
acl x-type req_mime_type -i ^application/x-oleobject$
acl x-type req_mime_type -i application/x-oleobject
acl x-type req_mime_type -i application/x-pncmd
acl x-type req_mime_type -i ^video/x-ms-asf$
acl x-type2 rep_mime_type -i ^application/octet-stream$
acl x-type2 rep_mime_type -i application/octet-stream
acl x-type2 rep_mime_type -i ^application/x-mplayer2$
acl x-type2 rep_mime_type -i application/x-mplayer2
acl x-type2 rep_mime_type -i ^application/x-oleobject$
acl x-type2 rep_mime_type -i application/x-oleobject
acl x-type2 rep_mime_type -i application/x-pncmd
acl x-type2 rep_mime_type -i ^video/x-ms-asf$
acl torrent_mime rep_mime_type -i ^application/x-bittorrent$
acl torrent_mime rep_mime_type -i application/x-bittorrent


http_reply_access deny deny_rep_mime_flashvideo
http_reply_access deny deny_rep_mime_shockwave
http_access deny fails
http_reply_access deny fails
http_access deny fails2
http_reply_access deny fails2
http_access deny x-type
http_reply_access deny x-type
http_access deny torrent_mime      
http_reply_access deny torrent_mime
#http_access deny x-type2
#http_reply_access deny x-type2
http_access deny torrent_mime
http_reply_access deny torrent_mime


Говорят что это наблюдается в версиях именно от 3.0 и выше. Помогите, может кто то решал уже? Заранее благодарен.


Содержание

Сообщения в этом обсуждении
"Squid и блокировка stream в логах бардак("
Отправлено alexpaknix , 14-Авг-13 08:31 
Не сталкивался лично, но в документации ясно сказано, что rep_mime_type не предназначен для  http_access.

rep_mime_type: regular expression pattern matching on the reply (downloaded content) content-type header. This is only usable in the http_reply_access directive, not http_access.
http://wiki.squid-cache.org/SquidFaq/SquidAcl


"Squid и блокировка stream в логах бардак("
Отправлено kolka88 , 16-Авг-13 02:24 
> Не сталкивался лично, но в документации ясно сказано, что rep_mime_type не предназначен
> для  http_access.
> rep_mime_type: regular expression pattern matching on the reply (downloaded content) content-type
> header. This is only usable in the http_reply_access directive, not http_access.
> http://wiki.squid-cache.org/SquidFaq/SquidAcl

Спасибо Вам огромное! Поправил конфиг и все. Больше ничего лишнего в логах нет! Премного благодарен!