[Comm] проблема с прокси под ALTLinux Server 5

Пн Фев 22 19:07:04 UTC 2010

21.02.2010 9:12, Дровняшин Александр пишет:
> 19.02.2010 22:13, Андрей Черепанов пишет:
>> Справку не читали, это понятно. Нужно разрешённые сети добавить, 
>> включить
>> службу и нажать на «Применить». И всё работает.
ну в общем-то с этого начал, но получил ошибку (что-то типа "не могу 
запустить прокси")
и полез смотреть логи, а там следующее:
Feb 16 14:22:35 alpha squid: 2010/02/16 14:22:35| WARNING: 
'0.0.0.0/0.0.0.0' is a subnetwork of '0.0.0.0/0.0.0.0'
Feb 16 14:22:35 alpha squid: 2010/02/16 14:22:35| WARNING: because of 
this '0.0.0.0/0.0.0.0' is ignored to keep splay tree searching predictable
Feb 16 14:22:35 alpha squid: 2010/02/16 14:22:35| WARNING: You should 
probably remove '0.0.0.0/0.0.0.0' from the ACL named 'all'
Feb 16 14:22:35 alpha squid: 2010/02/16 14:22:35| cache_cf.cc(347) 
squid.conf:2670 unrecognized: 'broken_vary_encoding'
Feb 16 14:22:35 alpha squid: Could not determine fully qualified 
hostname.  Please set 'visible_hostname'
Feb 16 14:22:35 alpha squid: FATAL: Could not determine fully qualified 
hostname.  Please set 'visible_hostname'
Feb 16 14:22:35 alpha squid: Squid Cache (Version 3.0.STABLE19): 
Terminated abnormally.
Feb 16 14:22:35 alpha squid: CPU Usage: 0.020 seconds = 0.012 user + 
0.008 sys
Feb 16 14:22:35 alpha squid: Maximum Resident Size: 0 KB
Feb 16 14:22:35 alpha squid: Page faults with physical i/o: 0
Feb 16 14:22:35 alpha squid: squid startup failed
погуглил. на каком-то форуме вычитал, что проблема в том, что 
использован устаревший конфиг от 2.6
и посему взял дефолтный
>> Если взялись хакать ручками, то читайте всю документацию по Squid. Это
>> справедливо.
>>
так в том то и дело, что я это делаю уже не впервые, хотя возможно, что 
я что-то упустил.
>
> Смотри лог /var/log/messages, напиши все сообщения, которые там 
> появляются после запуска squid.
>
[root на alpha ALT]# service squid stop; killall squid; service squid 
start; sleep 5s; tail -n 200 /var/log/messages | grep squid; service 
squid status
Service squid is not 
running.                                                                                         
[PASSED]
Starting squid 
service:                                                                                               
[ DONE ]
Feb 22 20:45:24 alpha squid: squid shutdown succeeded
Feb 22 20:45:24 alpha squid[31532]: Squid Parent: child process 31534 
started
Feb 22 20:45:24 alpha squid: squid startup succeeded
squid is dead, but subsystem is locked

[root на alpha squid]# cat /var/log/squid/cache.log
2010/02/22 20:44:07| Starting Squid Cache version 3.0.STABLE19 for 
i586-alt-linux-gnu...
2010/02/22 20:44:07| Process ID 31446
2010/02/22 20:44:07| With 16384 file descriptors available
2010/02/22 20:44:07| DNS Socket created at 0.0.0.0, port 35313, FD 8
2010/02/22 20:44:07| Adding domain antares.org.ua from /etc/resolv.conf
2010/02/22 20:44:07| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2010/02/22 20:44:07| Adding nameserver 195.211.172.32 from /etc/resolv.conf
2010/02/22 20:44:07| Adding nameserver 80.91.179.14 from /etc/resolv.conf
2010/02/22 20:44:07| User-Agent logging is disabled.
2010/02/22 20:44:07| Referer logging is disabled.
2010/02/22 20:44:07| Unlinkd pipe opened on FD 13
2010/02/22 20:44:07| Local cache digest enabled; rebuild/rewrite every 
3600/3600 sec
2010/02/22 20:44:07| Swap maxSize 8388608 + 8192 KB, estimated 645907 
objects
2010/02/22 20:44:07| Target number of buckets: 32295
2010/02/22 20:44:07| Using 32768 Store buckets
2010/02/22 20:44:07| Max Mem  size: 8192 KB
2010/02/22 20:44:07| Max Swap size: 8388608 KB
2010/02/22 20:44:07| Version 1 of swap file with LFS support detected...
2010/02/22 20:44:07| Rebuilding storage in /var/spool/squid (DIRTY)
2010/02/22 20:44:07| Using Least Load store dir selection
2010/02/22 20:44:07| Set Current Directory to /var/spool/squid
2010/02/22 20:44:07| Loaded Icons.
2010/02/22 20:44:07| Accepting transparently proxied HTTP connections at 
0.0.0.0, port 3128, FD 15.
2010/02/22 20:44:07| Accepting ICP messages at 0.0.0.0, port 3130, FD 16.
2010/02/22 20:44:07| HTCP Disabled.
2010/02/22 20:44:07| Pinger exiting.
2010/02/22 20:45:24| Starting Squid Cache version 3.0.STABLE19 for 
i586-alt-linux-gnu...
2010/02/22 20:45:24| Process ID 31534
2010/02/22 20:45:24| With 16384 file descriptors available
2010/02/22 20:45:24| DNS Socket created at 0.0.0.0, port 43620, FD 8
2010/02/22 20:45:24| Adding domain antares.org.ua from /etc/resolv.conf
2010/02/22 20:45:24| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2010/02/22 20:45:24| Adding nameserver 195.211.172.32 from /etc/resolv.conf
2010/02/22 20:45:24| Adding nameserver 80.91.179.14 from /etc/resolv.conf
2010/02/22 20:45:24| User-Agent logging is disabled.
2010/02/22 20:45:24| Referer logging is disabled.
2010/02/22 20:45:24| Unlinkd pipe opened on FD 13
2010/02/22 20:45:24| Local cache digest enabled; rebuild/rewrite every 
3600/3600 sec
2010/02/22 20:45:24| Swap maxSize 8388608 + 8192 KB, estimated 645907 
objects
2010/02/22 20:45:24| Target number of buckets: 32295
2010/02/22 20:45:24| Using 32768 Store buckets
2010/02/22 20:45:24| Max Mem  size: 8192 KB
2010/02/22 20:45:24| Max Swap size: 8388608 KB
2010/02/22 20:45:24| Version 1 of swap file with LFS support detected...
2010/02/22 20:45:24| Rebuilding storage in /var/spool/squid (DIRTY)
2010/02/22 20:45:24| Using Least Load store dir selection
2010/02/22 20:45:24| Set Current Directory to /var/spool/squid
2010/02/22 20:45:24| Loaded Icons.
2010/02/22 20:45:24| Accepting transparently proxied HTTP connections at 
0.0.0.0, port 3128, FD 15.
2010/02/22 20:45:24| Accepting ICP messages at 0.0.0.0, port 3130, FD 16.
2010/02/22 20:45:24| HTCP Disabled.
2010/02/22 20:45:24| Pinger exiting.


а вот мой конфиг
[root на alpha 1]# diff squid.conf squid.conf.default
588,590c588,590
< #acl localnet src 10.0.0.0/8  # RFC1918 possible internal network
< #acl localnet src 172.16.0.0/12       # RFC1918 possible internal network
< #acl localnet src 192.168.0.0/16      # RFC1918 possible internal network
---
 > acl localnet src 10.0.0.0/8   # RFC1918 possible internal network
 > acl localnet src 172.16.0.0/12        # RFC1918 possible internal network
 > acl localnet src 192.168.0.0/16       # RFC1918 possible internal network
612,614d611
< # LAN
< acl localnet src 192.168.1.0/24
<
656,660d652
< #http_access allow localnet
<
< http_access deny all danger_url
<
< http_access allow localhost
662a655
 > http_access allow localhost
680,681d672
< http_reply_access allow localnet
< http_reply_access deny all
748d738
< miss_access allow all
896c886
< http_port 3128 transparent
---
 > http_port 3128
1566d1555
< maximum_object_size_in_memory 32 KB
1730d1718
< cache_dir ufs /var/spool/squid 8192 16 256
1770d1757
< maximum_object_size 65535 KB
3004d2990
< visible_hostname proxy.antares.org.ua