squid parando e a conexao so reestabelece de reiniciar o modem da velox

ramasio
(usa Ubuntu)

Enviado em 18/12/2009 - 12:16h

pessoal por favor me ajudem!! estou configurando um servidor ubuntu 9.04 no meu trabalho para 30 pcs!!
o servidor possui 1gb de memoria ram, link da velox de 1mb, 2hds de 40, o primeiro do sistema e outro para o samba! as regras do squid sao simples!
o problema eh que cai mutias vezes as dia! e eu inicialmente to testando con apenas 5 pcs! detalhe eh q o servidor fica sem conexao tbm mesmo retirando o proxy do mesmo, nao navega e reiniciar o squid nao resolve! tenho q ir la no modem q da o sinal de velox e reinicia-lo aih volta tudo ao normal por alguns minutos!!

estou disponibilizando aki as regras de squid e os logs na esperança de que os colegas possam me ajudar

squid.conf
http_port 192.168.1.1:3128 transparent
visible_hostname ubuntuserver

cache_mem 256 MB
cache_swap_low 90
cache_swap_high 93

maximum_object_size 56 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 256 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 93

cache_replacement_policy lru
memory_replacement_policy lru

cache_dir ufs /var/spool/squid 10096 16 256
cache_access_log /var/log/squid/access.log
#####################SERVIDOR DNS########################
dns_nameservers 208.67.220.220 #DNS DO MODEM ADSL VELOX
dns_nameservers 208.67.222.222 #DNS DO MODEM ADSL VELOX
#########################################################
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

pipeline_prefetch on


#======================================================================

acl download url_regex -i .ftp .mov .mpeg .wav .tar .mp3 .rar .zip .rmvb .vqf .tar.gz .gz .rpm .zip .rar .avi .mpe .mpg .qt .ram .rm .iso .raw .wav
acl bloqueados url_regex -i "/etc/squid/bloqueados"
acl nomesproibidos dstdom_regex "/etc/squid/nomesproibidos"


################################################
## CONTROLE DE BANDA ##
################################################
acl ip_liberado src 192.168.1.99
acl net_liberada src 192.168.1.249 192.168.1.250 192.168.1.251 192.168.1.252 192.168.1.253
acl redelocal src 192.168.1.0/24 # IP da sua Rede
delay_pools 3
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow ip_liberado
delay_class 2 2
delay_parameters 2 -1/-1 50000/50000
delay_access 2 allow net_liberada
delay_class 3 2
delay_parameters 3 -1/-1 11900/11900
delay_access 3 allow redelocal


http_access allow ip_liberado
http_access allow net_liberada
http_access allow download
http_access deny bloqueados
http_access deny nomesproibidos


http_access allow localhost
http_access allow redelocal
http_access deny all
================================================
RESOLV.CONF

# Generated by NetworkManager
domain lab.nte.br
search lab.nte.br
#2 LINHAS A CIMA DO BIND NAO CONFIGURADO AINDA
nameserver 192.168.1.254 # IP DO MODEM ADSL VELOX
nameserver 208.67.220.220 #DNS DO MODEM ADSL VELOX
nameserver 208.67.222.222 #DNS DO MODEM ADSL VELOX

================================================================
CACHE ACCESS LOG
DETALHE NO PERIODO ENTRE DESSE LOG QUE VAI DE 9:45 A 11:02 A CONEXAO CAIU DUAS VZS!!
2009/12/18 09:45:45| storeDirWriteCleanLogs: Starting...
2009/12/18 09:45:45| Finished. Wrote 16178 entries.
2009/12/18 09:45:45| Took 0.0 seconds (2888412.8 entries/sec).
2009/12/18 09:45:45| logfileRotate: /var/log/squid/store.log
2009/12/18 09:45:45| logfileRotate (stdio): /var/log/squid/store.log
2009/12/18 09:45:45| logfileRotate: /var/log/squid/access.log
2009/12/18 09:45:45| logfileRotate (stdio): /var/log/squid/access.log
2009/12/18 10:05:32| Preparing for shutdown after 300 requests
2009/12/18 10:05:32| Waiting 30 seconds for active connections to finish
2009/12/18 10:05:32| FD 13 Closing HTTP connection
2009/12/18 10:05:32| Shutting down...
2009/12/18 10:05:32| FD 14 Closing ICP connection
2009/12/18 10:05:32| Closing unlinkd pipe on FD 11
2009/12/18 10:05:32| storeDirWriteCleanLogs: Starting...
2009/12/18 10:05:32| Finished. Wrote 16208 entries.
2009/12/18 10:05:32| Took 0.0 seconds (2915632.3 entries/sec).
CPU Usage: 0.900 seconds = 0.460 user + 0.440 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
total space in arena: 4888 KB
Ordinary blocks: 4801 KB 14 blks
Small blocks: 0 KB 5 blks
Holding blocks: 280 KB 1 blks
Free Small blocks: 0 KB
Free Ordinary blocks: 86 KB
Total in use: 5081 KB 98%
Total free: 87 KB 2%
2009/12/18 10:05:32| logfileClose: closing log /var/log/squid/store.log
2009/12/18 10:05:32| logfileClose: closing log /var/log/squid/access.log
2009/12/18 10:05:32| Squid Cache (Version 2.7.STABLE3): Exiting normally.
2009/12/18 10:05:34| Starting Squid Cache version 2.7.STABLE3 for i386-debian-linux-gnu...
2009/12/18 10:05:34| Process ID 3971
2009/12/18 10:05:34| With 1024 file descriptors available
2009/12/18 10:05:34| Using epoll for the IO loop
2009/12/18 10:05:34| DNS Socket created at 0.0.0.0, port 41290, FD 6
2009/12/18 10:05:34| Adding nameserver 208.67.220.220 from squid.conf
2009/12/18 10:05:34| Adding nameserver 208.67.222.222 from squid.conf
2009/12/18 10:05:34| User-Agent logging is disabled.
2009/12/18 10:05:34| Referer logging is disabled.
2009/12/18 10:05:34| logfileOpen: opening log /var/log/squid/access.log
2009/12/18 10:05:34| Unlinkd pipe opened on FD 11
2009/12/18 10:05:34| Swap maxSize 4194304 KB, estimated 322638 objects
2009/12/18 10:05:34| Target number of buckets: 16131
2009/12/18 10:05:34| Using 16384 Store buckets
2009/12/18 10:05:34| Max Mem size: 204800 KB
2009/12/18 10:05:34| Max Swap size: 4194304 KB
2009/12/18 10:05:34| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2009/12/18 10:05:34| logfileOpen: opening log /var/log/squid/store.log
2009/12/18 10:05:34| Rebuilding storage in /var/spool/squid (CLEAN)
2009/12/18 10:05:34| Using Least Load store dir selection
2009/12/18 10:05:34| Current Directory is /
2009/12/18 10:05:34| Loaded Icons.
2009/12/18 10:05:34| Accepting transparently proxied HTTP connections at 192.168.1.1, port 3128, FD 13.
2009/12/18 10:05:34| Accepting ICP messages at 0.0.0.0, port 3130, FD 14.
2009/12/18 10:05:34| HTCP Disabled.
2009/12/18 10:05:34| WCCP Disabled.
2009/12/18 10:05:34| Ready to serve requests.
2009/12/18 10:05:34| Store rebuilding is 25.3% complete
2009/12/18 10:05:34| Done reading /var/spool/squid swaplog (16208 entries)
2009/12/18 10:05:34| Finished rebuilding storage from disk.
2009/12/18 10:05:34| 16208 Entries scanned
2009/12/18 10:05:34| 0 Invalid entries.
2009/12/18 10:05:34| 0 With invalid flags.
2009/12/18 10:05:34| 16208 Objects loaded.
2009/12/18 10:05:34| 0 Objects expired.
2009/12/18 10:05:34| 0 Objects cancelled.
2009/12/18 10:05:34| 0 Duplicate URLs purged.
2009/12/18 10:05:34| 0 Swapfile clashes avoided.
2009/12/18 10:05:34| Took 0.4 seconds (37874.5 objects/sec).
2009/12/18 10:05:34| Beginning Validation Procedure
2009/12/18 10:05:34| Completed Validation Procedure
2009/12/18 10:05:34| Validated 16208 Entries
2009/12/18 10:05:34| store_swap_size = 246896k
2009/12/18 10:05:35| storeLateRelease: released 0 objects
2009/12/18 11:01:55| Preparing for shutdown after 2866 requests
2009/12/18 11:01:55| Waiting 30 seconds for active connections to finish
2009/12/18 11:01:55| FD 13 Closing HTTP connection
2009/12/18 11:02:26| Shutting down...
2009/12/18 11:02:26| FD 14 Closing ICP connection
2009/12/18 11:02:26| WARNING: Closing client 192.168.1.99 connection due to lifetime timeout
2009/12/18 11:02:26| http://au.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/xlconv_a12a70e9d10874bf1a...
2009/12/18 11:02:26| WARNING: Closing client 192.168.1.103 connection due to lifetime timeout
2009/12/18 11:02:26| http://sn118w.snt118.mail.live.com/mail/mail.fpp?cnmn=Microsoft.Msn.Hotmail.Ui.Fpp.MailBox.ReportErr...
2009/12/18 11:02:26| WARNING: Closing client 192.168.1.1 connection due to lifetime timeout
2009/12/18 11:02:26| http://start.ubuntu.com/9.04/
2009/12/18 11:02:26| WARNING: Closing client 192.168.1.1 connection due to lifetime timeout
2009/12/18 11:02:26| http://www.google.com/firefox
2009/12/18 11:02:26| WARNING: Closing client 192.168.1.1 connection due to lifetime timeout
2009/12/18 11:02:26| http://www.google.com/firefox
2009/12/18 11:02:26| WARNING: Closing client 192.168.1.109 connection due to lifetime timeout
2009/12/18 11:02:26| http://g.live.com/8SE.pt-brz.14.0/DashboardButtonsFeed
2009/12/18 11:02:26| WARNING: Closing client 192.168.1.109 connection due to lifetime timeout
2009/12/18 11:02:26| http://192.168.1.1/
2009/12/18 11:02:26| WARNING: Closing client 192.168.1.1 connection due to lifetime timeout
2009/12/18 11:02:26| http://newsrss.bbc.co.uk/rss/newsonline_world_edition/front_page/rss.xml
2009/12/18 11:02:26| Closing unlinkd pipe on FD 11
2009/12/18 11:02:26| storeDirWriteCleanLogs: Starting...
2009/12/18 11:02:26| Finished. Wrote 17087 entries.
2009/12/18 11:02:26| Took 0.0 seconds (2033198.5 entries/sec).
CPU Usage: 16.301 seconds = 6.724 user + 9.577 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
total space in arena: 14628 KB
Ordinary blocks: 14376 KB 145 blks
Small blocks: 0 KB 5 blks
Holding blocks: 280 KB 1 blks
Free Small blocks: 0 KB
Free Ordinary blocks: 251 KB
Total in use: 14656 KB 98%
Total free: 251 KB 2%
2009/12/18 11:02:26| logfileClose: closing log /var/log/squid/store.log
2009/12/18 11:02:26| logfileClose: closing log /var/log/squid/access.log
2009/12/18 11:02:26| Squid Cache (Version 2.7.STABLE3): Exiting normally.
2009/12/18 11:02:28| Starting Squid Cache version 2.7.STABLE3 for i386-debian-linux-gnu...
2009/12/18 11:02:28| Process ID 6616
2009/12/18 11:02:28| With 1024 file descriptors available
2009/12/18 11:02:28| Using epoll for the IO loop
2009/12/18 11:02:28| DNS Socket created at 0.0.0.0, port 48946, FD 6
2009/12/18 11:02:28| Adding nameserver 208.67.220.220 from squid.conf
2009/12/18 11:02:28| Adding nameserver 208.67.222.222 from squid.conf
2009/12/18 11:02:28| User-Agent logging is disabled.
2009/12/18 11:02:28| Referer logging is disabled.
2009/12/18 11:02:28| logfileOpen: opening log /var/log/squid/access.log
2009/12/18 11:02:28| Unlinkd pipe opened on FD 11
2009/12/18 11:02:28| Swap maxSize 4194304 KB, estimated 322638 objects
2009/12/18 11:02:28| Target number of buckets: 16131
2009/12/18 11:02:28| Using 16384 Store buckets
2009/12/18 11:02:28| Max Mem size: 204800 KB
2009/12/18 11:02:28| Max Swap size: 4194304 KB
2009/12/18 11:02:28| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2009/12/18 11:02:28| logfileOpen: opening log /var/log/squid/store.log
2009/12/18 11:02:28| Rebuilding storage in /var/spool/squid (CLEAN)
2009/12/18 11:02:28| Using Least Load store dir selection
2009/12/18 11:02:28| Current Directory is /
2009/12/18 11:02:28| Loaded Icons.
2009/12/18 11:02:28| Accepting transparently proxied HTTP connections at 192.168.1.1, port 3128, FD 13.
2009/12/18 11:02:28| Accepting ICP messages at 0.0.0.0, port 3130, FD 14.
2009/12/18 11:02:28| HTCP Disabled.
2009/12/18 11:02:28| WCCP Disabled.
2009/12/18 11:02:28| Ready to serve requests.
2009/12/18 11:02:28| Store rebuilding is 24.0% complete
2009/12/18 11:02:28| Done reading /var/spool/squid swaplog (17087 entries)
2009/12/18 11:02:28| Finished rebuilding storage from disk.
2009/12/18 11:02:28| 17087 Entries scanned
2009/12/18 11:02:28| 0 Invalid entries.
2009/12/18 11:02:28| 0 With invalid flags.
2009/12/18 11:02:28| 17087 Objects loaded.
2009/12/18 11:02:28| 0 Objects expired.
2009/12/18 11:02:28| 0 Objects cancelled.
2009/12/18 11:02:28| 0 Duplicate URLs purged.
2009/12/18 11:02:28| 0 Swapfile clashes avoided.
2009/12/18 11:02:28| Took 0.4 seconds (39424.2 objects/sec).
2009/12/18 11:02:28| Beginning Validation Procedure
2009/12/18 11:02:28| Completed Validation Procedure
2009/12/18 11:02:28| Validated 17087 Entries
2009/12/18 11:02:28| store_swap_size = 350508k
2009/12/18 11:02:29| storeLateRelease: released 0 objects


Por favor mi ajudem pois nao seia mais o q fazer!
ja estou vendo a possibilidade de formtatar o pc que sera o servidor e começar tudo de novo!
com poucas esperanças de que isso resolva o problema!
obg
Aguardo respostas anciosamente!!

maninhx
(usa Slackware)

Enviado em 20/12/2009 - 09:21h

o problema parece estar no seu modem e não no seu proxy.

Diede
(usa Debian)

Enviado em 20/12/2009 - 14:38h

Eu peguei um servidor uma vez que apresentava os mesmos problemas que o seu. A conexão parava a cada 1 ou 2 horas.
Percebi que ele estava com squid aberto em 0.0.0.0, sem regras de firewall e com modem em bridge. Dei um conntrack e vi que "metade da internet" estava usando o proxy... tinha quase 12 mil conexões ativas...
Como seu modem aí está em router (vejo pela faixa 192.x.x.x do seu modem), o problema não seria este, mas pode ter algo causado pela rede interna também... Digo, um conficker, ou qualquer outra coisa aí interna em sua rede pode estar criando milhares de conexões, "engasgando" o modem...
E... Como disse o amigo acima, o problema pode ser seu modem. Depois de descartar a possibilidade de DDoS, seria considerável que o problema fosse de hardware...
Dê uma olhada com o wireshark, ou mesmo com o "squidclient mgr:info", para checar quantas requisições você tem por segundo, ou por minuto. Apesar do squidclient quebrar o galho, é mais viável usar o wireshark (ou tcpdump, se quiser), pois você poderá "olhar" as conexões em todas as portas, ao contrário do squidclient que só fala pelo squid...