Debian-facile

Bienvenue sur Debian-Facile, site d'aide pour les nouveaux utilisateurs de Debian.

Vous n'êtes pas identifié(e).

#1 19-10-2014 19:00:24

Hypathie
Membre
Lieu : Chambéry _ Montréal
Distrib. : Jessie
Noyau : Linux debian 3.16.0-4-586
(G)UI : Cinnamon Mate Xfce
Inscription : 28-12-2013

[résolu]squid:impossible d'utiliser le cache

Bonjour,

j'aurais besoin d'aide pour configurer /etc/squid3/squid.conf comme proxy transparent.

Je n'arrive pas à obtenir dans mes access.log un petit “TCP_HIT” ?

tail -f /var/log/squid3/access.log


1413736884.472     46 192.168.1.2 TCP_MISS/200 7017 GET http://safebrowsing-cache.google.com/safebrowsing/rd/ChRnb29ncHViLXBoaXNoLXNoYXZhchAAGLGWEyCAlxMqClfLBAD______wMyCTHLBAD_____Pw - DIRECT/173.194.34.1 application/vnd.google.safebrowsing-chunk [Host: safebrowsing-cache.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20140924 Firefox/24.0 Iceweasel/24.8.1\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nCookie: PREF=ID=e285fa4aad72abe3:TM=1413736834:LM=1413736834:S=ZXV810-NAH0jJJdA\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n] [HTTP/1.1 200 OK\r\nCache-Control: public,max-age=172800\r\nContent-Type: application/vnd.google.safebrowsing-chunk\r\nX-Content-Type-Options: nosniff\r\nContent-Encoding: gzip\r\nDate: Sun, 19 Oct 2014 16:40:35 GMT\r\nServer: HTTP server (unknown)\r\nContent-Length: 6527\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SAMEORIGIN\r\nAlternate-Protocol: 80:quic,p=0.01\r\n\r]



Voici mon .etc/squid3/squid.config


acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

acl localnet src 192.168.1.0/24 # RFC1918 possible internal network

acl lan src 192.168.0.1 192.168.1.0/24
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow localhost
http_access allow localnet
http_access allow lan
#http_access allow internal_network
http_access deny all
http_reply_access allow lan

http_reply_access allow localnet
icp_access allow all
#htcp_access allow lan
#htcp_access allow localnet
#htcp_access deny all

http_port 3128 transparent

cache_mem 100 MB
cache_dir ufs /var/spool/squid3 100 16 256
#cache_dir ufs /mnt/proxy/cache/spool/squid3 100 16 256
store_dir_select_algorithm least-load

max_open_disk_fds 0

minimum_object_size 0 KB
maximum_object_size_in_memory 4096 KB

memory_replacement_policy lru

cache_swap_low 90
cache_swap_high 95
ipcache_size 1024
ipcache_low 85
ipcache_high 90
fqdncache_size 1024
cache allow localnet
cache_effective_user proxy
cache_effective_group proxy
cache_swap_low 90
ipcache_high 95

access_log /var/log/squid3/access.log squid
cache_store_log /var/log/squid3/store.log

logfile_rotate 0
emulate_httpd_log off
log_ip_on_direct on
mime_table /usr/share/squid3/mime.conf
log_mime_hdrs on
log_fqdn on

cache_log /var/log/squid3/cache.log

debug_options ALL,5

coredump_dir /mnt/proxy/cache/spool/squid3
coredump_dir /var/spool/squid3

hierarchy_stoplist cgi-bin ?

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire i
gnore-no-cache ignore-no-store ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200 90% 43200
 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i \.(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff)$ 10080
 90% 43200 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i \.index.(html|htm)$ 0 40% 10080
refresh_pattern -i \.(html|htm|css|js)$ 1440 40% 40320

refresh_pattern ^http           1440    10%     10080
refresh_pattern (/cgi-bin/|\?) 0 0% 0

refresh_pattern . 0 40% 40320
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
read_ahead_gap 16 KB
negative_ttl 0 seconds
positive_dns_ttl 6 hours
negative_dns_ttl 1 minutes
range_offset_limit 0 KB
minimum_expiry_time 60 seconds
store_avg_object_size 13 KB
store_objects_per_bucket 20
request_header_max_size 64 KB
reply_header_max_size 64 KB
request_body_max_size 0 KB
client_request_buffer_max_size 512 KB

shutdown_lifetime 30 seconds

visible_hostname localhost
hosts_file /etc/hosts
pipeline_prefetch on
 



Merci d'avance smile

Dernière modification par Hypathie (20-10-2014 08:46:41)

Hors ligne

#2 20-10-2014 08:46:19

Hypathie
Membre
Lieu : Chambéry _ Montréal
Distrib. : Jessie
Noyau : Linux debian 3.16.0-4-586
(G)UI : Cinnamon Mate Xfce
Inscription : 28-12-2013

Re : [résolu]squid:impossible d'utiliser le cache

résolu

Les pages générées dynamiquement (genre PHP) ne sont pas mis en cache ; comme il y en a beaucoup, alors quasiment rien n'est en cache...  sad

Squid + Nginx => TCP_HIT  smile

Hors ligne

Pied de page des forums