Todays installment in the Adventures of Squid Sandwich:
Forwarding loop detected
WARNING: Forwarding loop detected for:
in /var/log/squid/cache.log
Since I am using a DansGuardian sandwich with Squid for bread I set the
unique_hostname host.domain.com
in the first Squid conf then in the second Squid conf used a CNAME for the same machine of:
unique_hostname proxy1.domain.com
DansGuardian TCP connection failed
Also in /var/log/squid/cache.log
2011/10/19 10:21:15| TCP connection to 127.0.0.1/3128 failed
So I amended the dansguardian.conf file and changed the following lines:
maxchildren = 180
minchildren = 32
minsparechildren = 8
preforkchildren = 10
maxsparechildren = 64
maxagechildren = 10000
to:
maxchildren = 360
minchildren = 64
minsparechildren = 16
preforkchildren = 20
maxsparechildren = 128
maxagechildren = 10000
I have only changed maxchildren and minsparechildren for now to see how things go. From the documentation: Max Children This sets the maximum number of processes to spawn to handle the incoming connections. This will prevent DoS attacks killing the server with too many spawned processes. On large sites you might want to double or triple this number.
Log Rotation
I also had to add the following to /etc/logrotate.d/squid2 to rotate the second squid access log and another one for the squid cache.log file which was growing to gigabytes.
/var/log/squid/access2*.log {
daily
rotate 5
compress
notifempty
missingok
nocreate
sharedscripts
postrotate
# Asks squid to reopen its logs. (logfile_rotate 0 is set in squid.conf)
# errors redirected to make it silent if squid is not running
/usr/sbin/squid -k rotate 2>/dev/null
# Wait a little to allow Squid to catch up before the logs is compressed
sleep 1
endscript
}
2011-10-16 04:02:12 [8358] (squidguard): can’t write to logfile /var/log/squid/squidguard_access.log
