cache_peer problem, works for half the sites I visit - squid

This is a discussion on cache_peer problem, works for half the sites I visit - squid ; Environment Squid Setup win.client ↕ win.squid → gentoo.squid → internet So I have squidnt runing on my windows pc, which i then want to connect to the gentoo squid and then i want that to go get the info from ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: cache_peer problem, works for half the sites I visit

  1. cache_peer problem, works for half the sites I visit

    Environment

    Squid Setup
    win.client

    win.squid → gentoo.squid → internet

    So I have squidnt runing on my windows pc, which i then want to connect
    to the gentoo squid and then i want that to go get the info from the
    internet.


    Newtork Path for http/s traffic (this is a bit complicated but it
    works, a bit of latency, throughput is fine though)

    Browser → win.squid (127.0.0.1:3128) → gentoo.squid
    (127.0.0.1:8080) → win.host (192.168.0.24) → ssh tunnel →
    gentoo.host (203.x.x.x:443) → gentoo.squid (127.0.0.1:3128) →
    Internet (http://www.google.com)

    So I have a ssh tunnel between my windows pc and the gentoo box, I have
    port 8080 forwarded to 127.0.0.1:3128 & port 8081 forwarded to
    127.0.0.1:3130.

    This is what i have in my squidnt squid.conf

    <<<<<<< begin squid.conf (squidnt) >>>>>>>>>>>>>>>>
    cache_peer 127.0.0.1 parent 8080 8081 default
    hierarchy_stoplist cgi-bin ?
    acl QUERY urlpath_regex cgi-bin \?
    no_cache deny QUERY
    cache_dir ufs c:/squid/var/cache 512 16 256
    auth_param basic children 5
    auth_param basic realm Squid proxy-caching web server
    auth_param basic credentialsttl 2 hours
    auth_param basic casesensitive off
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern . 0 20% 4320
    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl to_localhost dst 127.0.0.0/8
    acl SSL_ports port 443 563
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl Safe_ports port 901 # SWAT
    acl purge method PURGE
    acl CONNECT method CONNECT
    http_access allow manager localhost
    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localhost
    http_access deny all
    http_reply_access allow all
    icp_access allow all
    <<<<<<<< end squid.conf (squidnt) >>>>>>>>>>>>>>>>

    And this is what I have in my gento.squid squid.conf

    <<<<<<< begin squid.conf (gentoo.squid) >>>>>>>>>>>>>>>>
    hierarchy_stoplist cgi-bin ?
    acl QUERY urlpath_regex cgi-bin \?
    no_cache deny QUERY
    auth_param basic realm Squid proxy-caching web server
    auth_param basic credentialsttl 2 hours
    auth_param basic casesensitive off
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern . 0 20% 4320
    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl to_localhost dst 127.0.0.0/8
    acl SSL_ports port 443 563
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl Safe_ports port 901 # SWAT
    acl purge method PURGE
    acl CONNECT method CONNECT
    http_access allow manager localhost
    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localhost
    http_access deny all
    http_reply_access allow all
    icp_access allow all
    forwarded_for off
    coredump_dir /var/cache/squid
    <<<<<<<< end squid.conf (gentoo.squid) >>>>>>>>>>>>>>>>

    This should work shouldn't it?
    I've been to http://www.cnn.com and half the site loads under these
    conditions, http://www.google.com doesn't load at all.... In the
    access.log you see hits/miss's on both boxes.. I have live HTTP Headers
    in friefox and both proxy's leave there mark in the headers on requests
    that work.....

    if i take my squidnt out of the loop and point the browser at
    127.0.0.1:8080 as the proxy, everything works fine. I only visit a
    handful of sites everyday and I'm trying to reduce the time it takes to
    load these sites, some of them have a heap of static images on them for
    example. The browser disk cache doesn't help as i have a sync job in
    place that syncs my portable firefox config with my desktop at home,
    sending this cache is a waste of bandwidth. (When i get a iPod with a
    proper harddrive i'll just whack my portable firefox on that, in the
    meantime this works great.)

    Of course as soon as I get home and configure squidnt to go straight to
    the net it works fine, ie taking gentoo.squid out of the cache_peer
    arrangement.

    the reason i'm doing this is our work firewall/proxy won't let me go to
    google.com, works for most users, but there are a few of us that get
    blocked, its a stupid block, but it exists, i'm not here to fix that
    problem, I'm here to just get a working, unfiltered net connection

    my working solution is a ssh tunnel to gentoo.squid. I want to imporve
    this by sticking a squid cache on my laptop to help reduce the
    bandwidth & latency costs associated with my current working setup.

    Thanks for any assistance ou might be able to offer


  2. Re: cache_peer problem, works for half the sites I visit

    Sorry forgot the versions
    (squidnt) squid-2.5.STABLE12 (12 Mar 2006)
    (gentoo.squid) squid-2.5.12-r1


+ Reply to Thread