[ubuntu-bo] Cache para un Proxy transparente con Squid3 parece no funcionar
Mario César Señoranis Ayala
mariocesar.c50 en gmail.com
Lun Dic 6 01:32:06 GMT 2010
Saludos,
Tengo un servidor en casa que me sirve para compartir música, archivos,
Internet, DNS, etc ... todo lo usual para una red hogareña.
Tengo squid3 configurado como un proxy transparente, la idea general es
tener el cache funcionando para que pueda mejorar la velocidad mientras
se navega, hay 5 computadoras compartiendo una conexión de 512 Kbps
Squid3 funciona bien, esta configurado y comparte internet
correctamente, pero en los registros de acceso, me acabo de dar cuenta
que squid3 no utiliza el cache, baja todos los contenidos una y otra ves
esta es su configuración:
$ cat /etc/squid3/squid.conf | grep -v "^# *" | grep -v "^$"
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 127.0.0.1/32 # RFC1918 possible internal network
acl our_networks src 192.168.2.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631
acl Safe_ports port 873
acl Safe_ports port 901
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access allow our_networks
http_access deny all
http_port 3128 accel vhost vport=80
hierarchy_stoplist cgi-bin ?
cache_mem 300 MB
maximum_object_size_in_memory 10240 KB
cache_replacement_policy lru
cache_dir ufs /var/spool/squid3 7000 32 512
maximum_object_size 320010 KB
cache_store_log none
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern deb$ 129600 100% 129600
refresh_pattern udeb$ 129600 100% 129600
refresh_pattern tar.gz$ 129600 100% 129600
refresh_pattern changelogs.ubuntu.com/* 0 1% 1
acl ads_regex url_regex -i [./]banners*[./?]
acl ads_regex url_regex -i [./]bannerserver[./?]
acl ads_regex url_regex -i [./]bannerbank[./?]
acl ads_regex url_regex -i [./]bannerfarm[./?]
acl ads_regex url_regex -i \.linkexchange\.ru:*[0123456789]*/
acl ads_regex url_regex -i [./]adv[./?]
acl ads_regex url_regex -i /count.*\?
acl ads_regex url_regex -i /ping.*\?
acl ads_regex url_regex -i [./]adserver
acl ads_regex url_regex -i /phpAdsNew.*/ad.*\.php\?
acl ads_regex url_regex -i /adsystem.*/ad.*\.php\?
acl ads_regex url_regex -i
^http://ad\.doubleclick\.net:*[0123456789]*/ad./
acl ads_regex url_regex -i
^http://pagead2\.googlesyndication\.com:*[0123456789]*/pagead/ads\??
acl ads_regex url_regex -i
^http://pagead2\.googlesyndication\.com:*[0123456789]*/pagead/show_ads\.js
acl ads_regex url_regex -i
^http://www\.clx\.ru:*[0123456789]*/rot\.php?
acl ads_regex url_regex -i
^http://oz\.valueclick\.com:*[0123456789]*/cycle\?
http_access deny ads_regex
refresh_pattern -i [.]jpg$ 2880 50% 2880000
override-lastmod ignore-reload
refresh_pattern -i [.]jpeg$ 2880 50% 2880000
override-lastmod ignore-reload
refresh_pattern -i [.]gif$ 2880 50% 2880000
override-lastmod ignore-reload
refresh_pattern -i [.]png$ 2880 50% 2880000
override-lastmod ignore-reload
refresh_pattern -i [.]swf$ 2880 50% 2880000
override-lastmod ignore-reload
refresh_pattern -i [.]mp[g123]$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]mpeg$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]avi$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]gz$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]tgz$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]bz$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]bz2$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]zip$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]arj$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]rar$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]dat$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]php$ 0 20% 28800
refresh_pattern -i /$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]htm$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]html$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]xml$ 2880 50% 2880000
override-lastmod reload-into-ims
refresh_pattern -i [.]css$ 2880 50% 2880000
override-lastmod ignore-reload
refresh_pattern -i [.]js$ 2880 50% 2880000
override-lastmod ignore-reload
refresh_pattern . 0 50% 28800
visible_hostname s1.oficina.local
always_direct allow all
hosts_file /etc/hosts
Como ya notaron tengo un moton de reglas de patrones de refresco, todas
para poder optimizar la descarga, ya saben no descargar dos veces el
mismo archivo, poner en cache cosas como imagenes, música, video, etc...
Aquí esta el log del acceso de squid3
$ sudo tail -f /var/log/squid3/access.log
1291598367.169 306 192.168.2.90 *TCP_MISS*/200 1979 GET
http://wikileaks.ch/static/css/reset-fonts-grids.css -
DIRECT/213.251.145.96 text/css
1291598367.177 312 192.168.2.90 *TCP_MISS*/304 217 GET
http://wikileaks.ch/img/ja-cg.jpg - DIRECT/213.251.145.96 -
1291598367.453 577 192.168.2.90 *TCP_MISS*/304 217 GET
http://wikileaks.ch/static/gfx/WL_Hour_Glass_small.png -
DIRECT/213.251.145.96 -
1291598370.473 3604 192.168.2.90 *TCP_MISS*/200 1849 GET
http://wikileaks.ch/static/css/cables.css - DIRECT/213.251.145.96
text/css
1291598370.857 3948 192.168.2.90*TCP_MISS*/200 15316 GET
http://wikileaks.ch/static/gfx/graphic.png - DIRECT/213.251.145.96
image/png
1291598401.342 286 192.168.2.90 *TCP_MISS*/304 217 GET
http://wikileaks.ch/reldate/2010-12-04_0.html - DIRECT/213.251.145.96 -
1291598410.391 56533 192.168.2.90 *TCP_MISS*/000 0 GET
http://wikileaks.ch/media.html - DIRECT/213.251.145.96 -
1291598423.507 7137 192.168.2.90 *TCP_MISS*/200 10143 GET
http://wikileaks.ch/reldate/2010-12-01_0.html -
DIRECT/213.251.145.96 text/html
1291598433.848 30362 192.168.2.90 *TCP_MISS*/000 0 GET
http://wikileaks.ch/reldate/2010-12-05_0.html - DIRECT/213.251.145.96 -
1291598445.552 3939 192.168.2.90 *TCP_MISS*/200 11445 GET
http://wikileaks.ch/cable/2008/07/08LONDON1837.html -
DIRECT/213.251.145.96 text/html
1291598445.941 12088 192.168.2.90 *TCP_MISS*/000 0 GET
http://wikileaks.ch/reldate/2010-12-05_0.html - DIRECT/213.251.145.96 -
1291598446.161 213 192.168.2.90 *TCP_MISS*/000 0 GET
http://wikileaks.ch/reldate/2010-12-05_0.html - DIRECT/wikileaks.ch -
1291598457.069 10905 192.168.2.90 *TCP_MISS*/200 10082 GET
http://wikileaks.ch/reldate/2010-12-05_0.html -
DIRECT/213.251.145.96 text/html
1291598469.289 52441 192.168.2.90 *TCP_MISS*/200 10017 GET
http://wikileaks.ch/reldate/2010-12-02_0.html -
DIRECT/213.251.145.96 text/html
No importa donde navegue, siempre recibo un TCP_MISS, osea squid3 no
encontro la página en el cache y descarga para que pueda verla. En todos
los casos, no importa por la página que navegue siempre recibo TCP_MISS.
Creo que estoy perdiendo algo en la configuración, alguién puede
ayudarme para poder habilitar el cache en mi configuraciónd de squid3?
Un gran abrazo a todos.
--
Mario César Señoranis Ayala
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: https://lists.ubuntu.com/archives/ubuntu-bo/attachments/20101205/2f3138cd/attachment.htm
Más información sobre la lista de distribución Ubuntu-bo