Em Ter, 2005-05-24 às 15:37 -0300, Hugo Rebello escreveu: > No arquivo /etc/squid/porn.txt eu tenho 224 linhas > No arquivo squidguard/blackurls eu já tenho 22848 linhas :-P > humm pouco para dar tanto processamento extra assim. Vc já experimentou comentar as acl de bloqueio para ver se o consumo diminui????? outro ponto, vc pode colar o ntop ?? ele ajuda a visualizar a sua máquina. []s > > Paulo Ricardo Bruck wrote: > > >Em Ter, 2005-05-24 às 14:59 -0300, Hugo Rebello escreveu: > > > > > >>A máquina tem 512Mb de memória. > >> > >> > > > >humm isto indica que vc poderia ter um cache de até +-23000 no cache, ou > >seja está sobrando memória. > > > >Bem como o cache está em 98/99% de cpu, isto nos leva a pensar que sua > >listas estão muito grandes ( o porcesso de url_regex e urlpath deve > >estar comendo bastante processamento.) > > > >quantas linhas vc tem , por exemplo no : > >squidguard/blackurls > >/etc/squid/porn.txt > > > > > >com um wc -l resolve...80) > > > >[]s > > > > > > > > > >>Obrigado, > >> > >>Abs., > >>Hugo > >> > >> > >>Paulo Ricardo Bruck wrote: > >> > >> > >> > >>>Em Ter, 2005-05-24 às 13:55 -0300, Hugo Rebello escreveu: > >>> > >>> > >>> > >>> > >>>>Paulo, > >>>> > >>>> > >>>> > >>>> > >>>Olá Hugo > >>> > >>> > >>> > >>> > >>>>Eu estou usando um HDD 16Gb SCSI com 52% de espaço livre. > >>>>54% de memória está sendo usado para o Squid, mas o grande problema é > >>>>que o Squid está consumindo 95% á 99% de processamento. > >>>> > >>>> > >>>> > >>>> > >>>ok, mas quanto de memória vc tem na maq. ? > >>>tem outros processos rodando nela??? > >>> > >>> > >>> > >>> > >>> > >>>>Abaixo está a configuração do meu squid.conf. > >>>>***************** > >>>>http_port 8080 > >>>>cache_peer proxy.teste.com parent 8080 3130 > >>>>hierarchy_stoplist cgi-bin ? > >>>>acl QUERY urlpath_regex cgi-bin \? > >>>>no_cache deny QUERY > >>>>cache_mem 30 MB > >>>> > >>>> > >>>> > >>>> > >>>aqui vc pode diminuir para 16MB > >>> > >>> > >>> > >>> > >>> > >>>>cache_swap_low 90 > >>>>cache_swap_high 95 > >>>>maximum_object_size 3072 KB > >>>>cache_dir ufs /var/spool/squid 9000 16 256 > >>>> > >>>> > >>>> > >>>> > >>> ^^^ ^^^ > >>>humm aqui vc pode mudar para aufs > >>> > >>>o 9000 so consigo responder depois de saber o quanto de memoria vc tem > >>>na maquina....8-) > >>> > >>> > >>> > >>> > >>> > >>>>cache_access_log /var/log/squid/access.log > >>>>ftp_user Squid@ > >>>> > >>>> > >>>> > >>>> > >>>que tal colocar o seu dominio depois do @ ?? 8) > >>> > >>> > >>> > >>> > >>> > >>>>auth_param basic children 5 > >>>> > >>>> > >>>> > >>>> > >>>para 650 usuários 5 children é pouco.. aumente um pouco ou vc poderá ter > >>>problemas quando todos tentarem para acessar ao mesmo tempo... > >>> > >>> > >>> > >>> > >>> > >>>>auth_param basic realm Squid proxy-caching web server > >>>>auth_param basic credentialsttl 2 hours > >>>>auth_param basic casesensitive off > >>>>refresh_pattern ^ftp: 1440 20% 10080 > >>>>refresh_pattern ^gopher: 1440 0% 1440 > >>>>refresh_pattern . 0 20% 4320 > >>>>acl dhl_network src "/etc/squid/dhl_network" > >>>>acl dhl_hosts src "/etc/squid/dhl_hosts" > >>>>acl apro_sites url_regex -i "/etc/squid/apro_sites" > >>>>acl part_sites url_regex -i "/etc/squid/part_sites" > >>>>acl dhl_proi src "/etc/squid/dhl_proi" > >>>>acl pro_domain dstdomain "/etc/squid/pro_domain" > >>>>acl black_domain dstdomain "/var/lib/squidguard/blackdomains" > >>>>acl pro_sites url_regex -i "/etc/squid/pro_sites" > >>>>acl black_sites url_regex -i "/var/lib/squidguard/blackurls" > >>>>acl porn url_regex "/etc/squid/porn.txt" > >>>>acl mpeg urlpath_regex .mpeg$ > >>>>acl avi urlpath_regex .avi$ > >>>>acl mov urlpath_regex .mov$ > >>>>acl screen urlpath_regex .src$ > >>>>acl mp3 urlpath_regex .mp3$ > >>>> > >>>> > >>>> > >>>> > >>>em geral regras de url_regex e urlpath sobrecarregam o squid e o deixam > >>>lento. quantas linhas tem cada regra desta??? > >>> > >>> > >>> > >>> > >>> > >>>>acl all src 0.0.0.0/0.0.0.0 > >>>>acl manager proto cache_object > >>>>acl localhost src 127.0.0.1/255.255.255.255 > >>>>acl to_localhost dst 127.0.0.0/8 > >>>>acl SSL_ports port 443 563 > >>>>acl Safe_ports port 80 # http > >>>>acl Safe_ports port 21 # ftp > >>>>acl Safe_ports port 443 563 # https, snews > >>>>acl Safe_ports port 70 # gopher > >>>>acl Safe_ports port 210 # wais > >>>>acl Safe_ports port 1025-65535 # unregistered ports > >>>>acl Safe_ports port 280 # http-mgmt > >>>>acl Safe_ports port 488 # gss-http > >>>>acl Safe_ports port 591 # filemaker > >>>>acl Safe_ports port 777 # multiling http > >>>>acl CONNECT method CONNECT > >>>>http_access allow manager localhost > >>>>http_access deny manager > >>>>http_access deny !Safe_ports > >>>>http_access deny CONNECT !SSL_ports > >>>>http_access allow apro_sites > >>>>http_access allow dhl_hosts part_sites > >>>>http_access deny pro_domain > >>>>http_access deny black_domain > >>>>http_access deny pro_sites > >>>>http_access deny black_sites > >>>>http_access deny mpeg > >>>>http_access deny avi > >>>>http_access deny mov > >>>>http_access deny mp3 > >>>>http_access deny screen > >>>>http_access deny porn > >>>>http_access deny dhl_proi > >>>>http_access allow dhl_network > >>>>http_access deny all > >>>> > >>>>http_reply_access allow all > >>>>icp_access allow all > >>>>icp_access allow all > >>>>cache_effective_user squid > >>>>visible_hostname on > >>>>httpd_accel_with_proxy on > >>>>never_direct allow all > >>>>coredump_dir /var/spool/squid > >>>>************************* > >>>> > >>>>Obrigado, > >>>>Hugo > >>>> > >>>> > >>>> > >>>>Paulo Ricardo Bruck wrote: > >>>> > >>>> > >>>> > >>>> > >>>> > >>>>>Em Ter, 2005-05-24 às 13:23 -0300, Hugo Rebello escreveu: > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>>>Pessoal, > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>olá 80) > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>>>Estou com um proxy Squid configurado no meu Debian com 650 usuários > >>>>>>e conexões simultaneas. > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>ok > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>>>Agora o proxy está ficando lento para abrir as páginas, gostaria de > >>>>>>saber como eu faço para melhorar a performance do mesmo ? > >>>>>>Existe alguma coisa de configuração que eu possa fazer isso ? > >>>>>>A máquina é um servidor Compaq Pentium III 800MHZ com 512Mb de memória. > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>bem sem maiores infs sobre HD que vc está usando ou o seu squid.conf > >>>>>fica difícil. Em geral o squid necessita de memoria e disco rapido > >>>>>( SCSI) > >>>>> > >>>>>Vc pode comecar colocando mais memória ou diminuir o tamanho do seu > >>>>>cache para usar menos memoria..... > >>>>>ou trocar o seu hd por um mais rapido entre outros... > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>>>Obrigado, > >>>>>>Hugo > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>> > >>>> > >>>> > >>>> > >> > >> > > -- Paulo Ricardo Bruck - consultor Contato Global Solutions tel 011 5031-4932 fone/fax 011 5034-1732 cel 011 9235-4327
Attachment:
signature.asc
Description: Esta =?ISO-8859-1?Q?=E9?= uma parte de mensagem assinada digitalmente