HAsil Squid

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
User avatar
p3l4ngg4n
Posts: 1
Joined: 06 Dec 2012, 17:21
Location: lumajang, indonesia
Contact:

HAsil Squid

Postby p3l4ngg4n » 06 Dec 2012, 17:53

2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
WARNING: Cannot write log file: /var/log/squid/cache.log
/var/log/squid/cache.log: Permission denied
messages will be sent to 'stderr'.
2012/12/06 17:27:31| Starting Squid Cache version LUSCA_HEAD-r14809 for i686-pc-linux-gnu...
2012/12/06 17:27:31| Starting Squid Cache version LUSCA_HEAD-r14809 for i686-pc-linux-gnu...
2012/12/06 17:27:31| Process ID 2422
2012/12/06 17:27:31| Process ID 2422
2012/12/06 17:27:31| NOTICE: Could not increase the number of filedescriptors
2012/12/06 17:27:31| NOTICE: Could not increase the number of filedescriptors
2012/12/06 17:27:31| With 1024 file descriptors available
2012/12/06 17:27:31| With 1024 file descriptors available
2012/12/06 17:27:31| Using epoll for the IO loop
2012/12/06 17:27:31| Using epoll for the IO loop
2012/12/06 17:27:31| Adding nameserver 8.8.8.8 from /etc/resolv.conf
2012/12/06 17:27:31| Adding nameserver 8.8.8.8 from /etc/resolv.conf
2012/12/06 17:27:31| DNS Socket created at 0.0.0.0, port 36063, FD 6
2012/12/06 17:27:31| Adding nameserver 8.8.4.4 from /etc/resolv.conf
2012/12/06 17:27:31| Adding nameserver 8.8.4.4 from /etc/resolv.conf
2012/12/06 17:27:31| helperOpenServers: Starting 4 'supercache.pl' processes
2012/12/06 17:27:31| helperOpenServers: Starting 4 'supercache.pl' processes
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
2012/12/06 17:27:31| logfileOpen: opening log daemon:/var/log/squid/access.log
2012/12/06 17:27:31| logfileOpen: opening log daemon:/var/log/squid/access.log
2012/12/06 17:27:31| Logfile Daemon: opening log /var/log/squid/access.log
2012/12/06 17:27:31| Logfile Daemon: opening log /var/log/squid/access.log
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
fopen: Permission denied
2012/12/06 17:27:31| Swap maxSize 33499136 + 8192 KB, estimated 2577486 objects
2012/12/06 17:27:31| Swap maxSize 33499136 + 8192 KB, estimated 2577486 objects
2012/12/06 17:27:31| Target number of buckets: 128874
2012/12/06 17:27:31| Target number of buckets: 128874
2012/12/06 17:27:31| Using 131072 Store buckets
2012/12/06 17:27:31| Using 131072 Store buckets
2012/12/06 17:27:31| Max Mem size: 8192 KB
2012/12/06 17:27:31| Max Mem size: 8192 KB
2012/12/06 17:27:31| Max Swap size: 33499136 KB
2012/12/06 17:27:31| Max Swap size: 33499136 KB
2012/12/06 17:27:31| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2012/12/06 17:27:31| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2012/12/06 17:27:31| Store logging disabled
2012/12/06 17:27:31| Store logging disabled
2012/12/06 17:27:31| /cache1/swap.state: (13) Permission denied
2012/12/06 17:27:31| /cache1/swap.state: (13) Permission denied
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
2012/12/06 17:27:31| ALERT: setgid: (1) Operation not permitted
FATAL: storeAufsDirOpenSwapLog: Failed to open swap log.
Squid Cache (Version LUSCA_HEAD-r14809): Terminated abnormally.
CPU Usage: 0.024 seconds = 0.016 user + 0.008 sys
Maximum Resident Size: 18320 KB
Page faults with physical i/o: 0
Aborted (core dumped)



Mohon pencerahanya kepada para master:
Ini yang error di mana, apa di nilai procesor, ip yang di gunakan atau kelebihan memasukkan nilai untuk cache.

Mohon penjelasannya.

Terima kasih Master
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: HAsil Squid

Postby q_p » 06 Dec 2012, 18:37

Masalahnya mungkin di permission-nya yang belum di-setting:
Tampilkan
WARNING: Cannot write log file: /var/log/squid/cache.log
/var/log/squid/cache.log: Permission denied
...
...
2012/12/06 17:27:31| /cache1/swap.state: (13) Permission denied
2012/12/06 17:27:31| /cache1/swap.state: (13) Permission denied
Coba anda set dengan :

Code: Select all

$chown -R proxy:proxy /var/log/squid/cache.log
$chmod 777 /var/log/squid/cache.log
$chown -R proxy:proxy /cache1/swap.state
$chmod 777 /cache1/swap.state
CMIIW
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: HAsil Squid

Postby q_p » 06 Dec 2012, 18:47

Tambahan:
2012/12/06 17:27:31| NOTICE: Could not increase the number of filedescriptors
2012/12/06 17:27:31| NOTICE: Could not increase the number of filedescriptors
2012/12/06 17:27:31| With 1024 file descriptors available
2012/12/06 17:27:31| With 1024 file descriptors available
Berapa nilai file-descriptor yang anda masukkan saat ngupil, berapa yang anda inputkan ke squid.conf dan berapa output dari perintah 'ulimit -HSn', harus ada kesesuaian. CMIIW
User avatar
budi11
Posts: 97
Joined: 01 Dec 2012, 19:56
Location: Magetan
Contact:

Re: HAsil Squid

Postby budi11 » 06 Dec 2012, 20:09

Kalau permission denied pasti berhubungan dengan user dan group yang menjalankan squid, saya pakai squid3 yang menjalankan user proxy

root@budi-desktop:~# ps aux| grep squid
proxy 1078 0.0 0.3 29060 2952 ? Ss 19:21 0:01 /usr/sbin/squid3 -N -YC -f /etc/squid3/squid.conf

yang punya file juga user proxy

root@budi-desktop:~# ls -la /var/log/squid3/
total 840
drwxr-xr-x 2 proxy proxy 4096 Des 6 13:23 .
drwxr-xr-x 32 root root 4096 Des 6 19:21 ..
-rw-r----- 1 proxy proxy 0 Des 6 13:23 access.log
-rw-r----- 1 proxy proxy 665296 Des 5 16:56 access.log.1
-rw-r----- 1 proxy proxy 120193 Des 4 21:42 access.log.2.gz
-rw-r----- 1 proxy proxy 24901 Des 6 19:26 cache.log
-rw-r----- 1 proxy proxy 18004 Des 6 13:01 cache.log.1
-rw-r----- 1 proxy proxy 2787 Des 5 10:36 cache.log.2.gz
User avatar
chitoz
Posts: 86
Joined: 11 May 2012, 16:38

Re: HAsil Squid

Postby chitoz » 13 Dec 2012, 10:15

klo punya ane kayak gini gan

nano /var/log/squid/cache.log

2012/12/13 06:41:14| storeDirWriteCleanLogs: Starting...
2012/12/13 06:41:14| Finished. Wrote 42935 entries.
2012/12/13 06:41:14| Took 0.0 seconds (2766787.0 entries/sec).
2012/12/13 06:41:14| logfileRotate: /var/log/squid/access.log
2012/12/13 06:41:14| logfileRotate (stdio): /var/log/squid/access.log
2012/12/13 10:07:42| Preparing for shutdown after 7340 requests
2012/12/13 10:07:42| Waiting 10 seconds for active connections to finish
2012/12/13 10:07:42| FD 15 Closing HTTP connection
2012/12/13 10:07:47| Starting Squid Cache version 2.7.STABLE7 for i386-debian-linux-gnu...
2012/12/13 10:07:47| Process ID 23278
2012/12/13 10:07:47| With 8192 file descriptors available
2012/12/13 10:07:47| Using epoll for the IO loop
2012/12/13 10:07:47| DNS Socket created at 0.0.0.0, port 54829, FD 6
2012/12/13 10:07:47| Adding nameserver 192.168.10.1 from squid.conf
2012/12/13 10:07:47| User-Agent logging is disabled.
2012/12/13 10:07:47| Referer logging is disabled.
2012/12/13 10:07:47| logfileOpen: opening log /var/log/squid/access.log
2012/12/13 10:07:47| Unlinkd pipe opened on FD 12
2012/12/13 10:07:47| Swap maxSize 20480000 + 8192 KB, estimated 1576014 objects
2012/12/13 10:07:47| Target number of buckets: 78800
2012/12/13 10:07:47| Using 131072 Store buckets
2012/12/13 10:07:47| Max Mem size: 8192 KB
2012/12/13 10:07:47| Max Swap size: 20480000 KB
2012/12/13 10:07:47| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2012/12/13 10:07:47| Store logging disabled
2012/12/13 10:07:47| Rebuilding storage in /home/proxy1 (DIRTY)
2012/12/13 10:07:47| Rebuilding storage in /home/proxy2 (DIRTY)
2012/12/13 10:07:47| Using Least Load store dir selection
2012/12/13 10:07:47| Set Current Directory to /var/spool/squid
2012/12/13 10:07:47| Loaded Icons.
2012/12/13 10:07:47| Accepting transparently proxied HTTP connections at 0.0.0.0, port 312$
2012/12/13 10:07:47| Accepting ICP messages at 0.0.0.0, port 3130, FD 16.
2012/12/13 10:07:47| HTCP Disabled.
2012/12/13 10:07:47| Accepting SNMP messages on port 3401, FD 17.
2012/12/13 10:07:47| WCCP Disabled.
2012/12/13 10:07:47| Ready to serve requests.
2012/12/13 10:07:47| Store rebuilding is 19.7% complete
2012/12/13 10:07:48| Done reading /home/proxy1 swaplog (20754 entries)
2012/12/13 10:07:47| Rebuilding storage in /home/proxy2 (DIRTY)
2012/12/13 10:07:47| Using Least Load store dir selection
2012/12/13 10:07:47| Set Current Directory to /var/spool/squid
2012/12/13 10:07:47| Loaded Icons.
2012/12/13 10:07:47| Accepting transparently proxied HTTP connections at 0.0.0.0, port 312$
2012/12/13 10:07:47| Accepting ICP messages at 0.0.0.0, port 3130, FD 16.
2012/12/13 10:07:47| HTCP Disabled.
2012/12/13 10:07:47| Accepting SNMP messages on port 3401, FD 17.
2012/12/13 10:07:47| WCCP Disabled.
2012/12/13 10:07:47| Ready to serve requests.
2012/12/13 10:07:47| Store rebuilding is 19.7% complete
2012/12/13 10:07:48| Done reading /home/proxy1 swaplog (20754 entries)
2012/12/13 10:07:48| Done reading /home/proxy2 swaplog (22472 entries)
2012/12/13 10:07:48| Finished rebuilding storage from disk.
2012/12/13 10:07:48| 43213 Entries scanned
2012/12/13 10:07:48| 0 Invalid entries.
2012/12/13 10:07:48| 0 With invalid flags.
2012/12/13 10:07:48| 43213 Objects loaded.
2012/12/13 10:07:48| 0 Objects expired.
2012/12/13 10:07:48| 13 Objects cancelled.
2012/12/13 10:07:48| 5 Duplicate URLs purged.
2012/12/13 10:07:48| 0 Swapfile clashes avoided.
2012/12/13 10:07:48| Took 0.8 seconds (57137.8 objects/sec).
2012/12/13 10:07:48| Beginning Validation Procedure
2012/12/13 10:07:48| Completed Validation Procedure
2012/12/13 10:07:48| Validated 43195 Entries
2012/12/13 10:07:48| store_swap_size = 636076k
2012/12/13 10:07:48| storeLateRelease: released 0 objects


mohon diperiksa,.apakah udah bener..?

Thanks..:)
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: HAsil Squid

Postby q_p » 13 Dec 2012, 17:43

@Chitoz
Sudah benar itu mas dan kalau sudah begitu anda bisa menghilangkan cache.log. Gunakan file log seperlunya saja u/ meringankan kerja squid squid. Lebih bagus lagi, gunakan 1 dir_cache u/ setiap HDD dan terpisah dari file system.
User avatar
chitoz
Posts: 86
Joined: 11 May 2012, 16:38

Re: HAsil Squid

Postby chitoz » 13 Dec 2012, 21:13

Sudah benar itu mas dan kalau sudah begitu anda bisa menghilangkan cache.log.


cache log nya apa di sini mas
/home/proxy1
/home/proxy2

ane pake 1 HD jadi cuman beda partisi aja..
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: HAsil Squid

Postby q_p » 13 Dec 2012, 21:31

Bukan, itu cache_dir (gunakan hanya 1 saja jika keduanya terletak di satu HDD). Cari yang mengandung karakter "log", ini contohnya mas :

Code: Select all

cache_swap_log /var/log/squid/swap.state
cache_access_log /var/log/squid/access.log
cache_log /dev/null
cache_store_log /dev/null
emulate_httpd_log off
User avatar
Aira
Posts: 70
Joined: 22 Mar 2012, 21:20

Re: HAsil Squid

Postby Aira » 13 Sep 2013, 04:08

Tanya dunk mas, om, sesepuh disini klo begini knp yaa...

Tampilkan
root@proxygiga:~# squid -k parse
2013/09/13 04:05:47| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2013/09/13 04:05:47| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
2013/09/13 04:05:47| WARNING: You should probably remove '::/0' from the ACL named 'all'
2013/09/13 04:05:47| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2013/09/13 04:05:47| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable
2013/09/13 04:05:47| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'
2013/09/13 04:05:47| WARNING: (B) '127.0.0.0/8' is a subnetwork of (A) '127.0.0.0/8'
2013/09/13 04:05:47| WARNING: because of this '127.0.0.0/8' is ignored to keep splay tree searching predictable
2013/09/13 04:05:47| WARNING: You should probably remove '127.0.0.0/8' from the ACL named 'to_localhost'
2013/09/13 04:05:47| Processing Configuration File: /etc/squid3/squid.conf (depth 0)
2013/09/13 04:05:47| Processing: acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
2013/09/13 04:05:47| WARNING: (B) '10.0.0.0/8' is a subnetwork of (A) '10.0.0.0/8'
2013/09/13 04:05:47| WARNING: because of this '10.0.0.0/8' is ignored to keep splay tree searching predictable
2013/09/13 04:05:47| WARNING: You should probably remove '10.0.0.0/8' from the ACL named 'localnet'
2013/09/13 04:05:47| Processing: acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
2013/09/13 04:05:47| WARNING: (B) '172.16.0.0/12' is a subnetwork of (A) '172.16.0.0/12'
2013/09/13 04:05:47| WARNING: because of this '172.16.0.0/12' is ignored to keep splay tree searching predictable
2013/09/13 04:05:47| WARNING: You should probably remove '172.16.0.0/12' from the ACL named 'localnet'
2013/09/13 04:05:47| Processing: acl network src 192.168.1.0/24 # RFC1918 possible internal network
2013/09/13 04:05:47| WARNING: (B) '192.168.1.0/24' is a subnetwork of (A) '192.168.1.0/24'
2013/09/13 04:05:47| WARNING: because of this '192.168.1.0/24' is ignored to keep splay tree searching predictable
2013/09/13 04:05:47| WARNING: You should probably remove '192.168.1.0/24' from the ACL named 'network'


Untuk squid.conf nya
Tampilkan
# ACCESS CONTROLS OPTIONS
# Recommended minimum configuration :
# ===================================

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#ACL Section mylan myacl
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl network src 192.168.1.0/24 # RFC1918 possible internal network

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

acl QUERY urlpath_regex -i (begin|start)\=
acl QUERY urlpath_regex -i cgi-bin \? .php$ .asp$ .shtml$ .cfm$ .cfml$ .phtml$ .php3$ localhost
acl dontrewrite url_regex -i c\.youtube\.com\/.*(begin|start)\=.*
acl dontrewrite url_regex redbot\.org
acl getmethod method GET
acl redir urlpath_regex -i &redirect_counter=1&cms_redirect=yes
acl redir urlpath_regex -i &ir=1&rr=12
acl yutub url_regex -i youtube\.com\/(generate_204|ptracking|stream_204|player_204|s|(.*(playback|watchtime|delayplay)))\?.*$
acl yutub url_regex -i gstatic\.com\/csi\?.*$

acl rewritedoms url_regex -i dl\.sourceforge\.net.*
acl rewritedoms url_regex -i i[0-9]*\.ytimg\.com.*
acl rewritedoms url_regex -i ak\.fbcdn\.net.*
acl rewritedoms url_regex -i (youtube|google).*\/videoplayback\?.*

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow network
http_access allow localnet
http_access deny all

### untuk pertama kali config jalankan perintah berikut "/usr/lib/squid3/ssl_crtd -c -s /etc/squid3/ssl_db"
#https_port 3127 tproxy ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/myCA.pem

# Squid normally listens to port 3128
#http_port 3128 transparent
http_port 3128

#http_port 3129 tproxy
#always_direct allow all
#ssl_bump server-first all
#sslcrtd_program /usr/lib/squid3/ssl_crtd -s /etc/squid3/ssl_db -M 4MB
#sslcrtd_children 5
#sslproxy_cert_error deny all

hierarchy_stoplist cgi-bin ?

cache allow rewritedoms
cache deny QUERY
cache deny redir

memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_mem 128 MB
maximum_object_size_in_memory 8 KB
minimum_object_size 1 KB
maximum_object_size 1024 MB
cache_swap_low 95
cache_swap_high 99

# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/cache/squid 100 16 256
cache_dir aufs /cache1 66500 63 256
cache_dir aufs /cache2 66500 63 256
cache_dir aufs /cache3 66500 63 256

coredump_dir /var/spool/squid3

#logformat squid1 %{Referer}>h %ru
#access_log /var/log/squid3/yt.log squid1 yutub
access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
cache_store_log none
logfile_rotate 5
log_icp_queries off

store_id_program /etc/squid3/store-id.pl
store_id_children 20 startup=10 idle=5 concurrency=30
store_id_access deny !getmethod
store_id_access deny redir
store_id_access deny dontrewrite
store_id_access allow rewritedoms
store_id_access deny all

strip_query_terms off

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 60 50% 14400 store-stale
#refresh_pattern . 0 20% 4320

# MISCELLANEOUS
# ===========
memory_pools off
client_db off
#reload_into_ims on
pipeline_prefetch on
offline_mode off

# ADMINISTRATIVE PARAMETERS
# =====================
cache_mgr webmaster
cache_effective_user proxy
cache_effective_group proxy
visible_hostname proxy

# ANONIMITY OPTIONS
# ===============
request_header_access From deny all
request_header_access Server deny all
request_header_access Link deny all
request_header_access Via deny all
request_header_access X-Forwarded-For deny all

vary_ignore_expire on

#Marking ZPH local
#=================
qos_flows local-hit=0x30
# sibling
# qos_flows sibling-hit=0x31
# parent
# qos_flows parent-hit=0x32
# preserve
# qos_flows disable-preserve-miss

### END CONFIGURATION ###
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: HAsil Squid

Postby q_p » 13 Sep 2013, 16:06

Menggunakan squid-3 ya mas ? abaikan saja, itu warning kok :)
User avatar
Aira
Posts: 70
Joined: 22 Mar 2012, 21:20

Re: HAsil Squid

Postby Aira » 14 Sep 2013, 01:50

Hehehee...
Pragola_Pati wrote:Menggunakan squid-3 ya mas ? abaikan saja, itu warning kok :)

Ya neh mas Pragola lagi nyoba2 mudah2an aja berhasil cuman ada satu lagi pertanyaan pas saya coba
squid -z hasilnya berhenti di tengah jalan ga sampai selesai berhenti di :
2013/09/14 01:35:38 kid1| Making directories in /cache/cache3/38
2013/09/14 01:35:38 kid1| Making directories in /cache/cache3/39
2013/09/14 01:35:38 kid1| Making directories in /cache/cache3/3A
2013/09/14 01:35:38 kid1| Making directories in /cache/cache3/3B
2013/09/14 01:35:38 kid1| Making directories in /cache/cache3/3C
2013/09/14 01:35:38 kid1| Making directories in /cache/cache3/3D
2013/09/14 01:35:38 kid1| Making directories in /cache/cache3/3E

Tidak kembali ke (root@proxygiga:~#) tetapi klo saya enter baru bisa kembali ke (root@proxygiga:~#) ga apa2 tah mas...
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: HAsil Squid

Postby q_p » 14 Sep 2013, 02:06

Sama, saya juga mentog di situ. seperti saya posting di sini =
http://ubuntu-indonesia.com/forums/ubbt ... s/136073/2
Baiknya untuk urusan squid3+sslBUMP anda gabung pada trit tsb, biar tidak mencar-mencar :)

Return to “Ubuntu Server”

Who is online

Users browsing this forum: No registered users and 4 guests