From: "altlinux@aaanet.ru" <altlinux@aaanet.ru> To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org> Subject: [Sysadmins] squid Date: Thu, 20 Dec 2007 11:52:22 +0300 Message-ID: <476A2D46.5070202@aaanet.ru> (raw) всем привет! есть Squid Cache: Version 2.6.STABLE12 Периодически пишет доступ запрещен. В логах acces.log TCP_DENIED делаю service squid reload и всё начинает работать. Такое происходит в наиболее загруженное время. Грешу на winbind но в логах ничего не могу найти. Как отловить кто виноват? И вопрос по поводу url_rewrite_children 450 больше указать немогу, незагружается сервис, как сделать что бы больше children можно было проставить? настроен след. образом [root@gate squid]# cat /etc/squid/squid.conf acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_access_log /var/log/squid/access.log ftp_user anonymous url_rewrite_program /usr/local/bin/samsredir url_rewrite_children 450 debug_options auth_param,9 auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 20 auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 20 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 external_acl_type AD_global_group %LOGIN /usr/lib64/squid/wbinfo_group.pl acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl HTTP_Common external AD_global_group grphttp acl HTTPS_Common external AD_global_group grphttps acl ICQ_Common external AD_global_group grpicq acl to_localhost dst 127.0.0.0/8 acl http_ftp_ports port 80 8080 21 1443 7778 # http acl https_ports port 443 # https acl http_icq dstdomain login.icq.com # icq acl birga dstdomain etc.rndex.ru acl CONNECT method CONNECT http_access allow HTTP_Common http_ftp_ports http_access allow HTTPS_Common https_ports http_access allow ICQ_Common http_icq https_ports http_access allow manager localhost http_access deny manager http_access allow localhost http_access deny all http_reply_access allow all error_directory /usr/share/squid/errors/Russian-1251
reply other threads:[~2007-12-20 8:52 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=476A2D46.5070202@aaanet.ru \ --to=altlinux@aaanet.ru \ --cc=sysadmins@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux sysadmins discussion This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/sysadmins/0 sysadmins/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 sysadmins sysadmins/ http://lore.altlinux.org/sysadmins \ sysadmins@lists.altlinux.org sysadmins@lists.altlinux.ru sysadmins@lists.altlinux.com public-inbox-index sysadmins Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.sysadmins AGPL code for this site: git clone https://public-inbox.org/public-inbox.git