This is a amd64 box with FreeBSD 6.3. So far it is only acting as a
firewall (with PF). Yesterday I installed squid via ports with a pretty
vanilla configuration. I.e. no neighbour caches, just to be used as a
standalone cache for users from the inside net. No interception caching
(yet). Squid was not yet put under heavy load - in fact I am so far the
only person using it.
Everything worked fine yesterday. However, squid "died" after
"squid -k rotate" was executed by cron over night. Here is what it came
up with after (successful) log rotation:
2008/04/23 04:20:00| storeDirWriteCleanLogs: Starting...
2008/04/23 04:20:00| Finished. Wrote 1706 entries.
2008/04/23 04:20:00| Took 0.0 seconds (1714572.9 entries/sec).
2008/04/23 04:20:00| aioSync: flushing pending I/O operations
2008/04/23 04:20:00| aioSync: done
2008/04/23 04:20:00| logfileRotate: /usr/local/squid/logs/access.log
2008/04/23 04:20:00| sendto FD 12: (1) Operation not permitted
2008/04/23 04:20:00| ipcCreate: CHILD: hello write test failed
Squid was running and accepting connections on port 3128, but they were
not carried out any longer.
I then killed squid (actually I needed kill -9 to bring it down) and
made sure no more squid processes are running. But now, every time I try
to start squid - manually, or via rc.d - I get the same messages as
above. The "FD" number varies, but everything else stays the same.
There were no other changes made on the machine in between that I am
What is going on here?
FWIW, here is my config:
connect_timeout 2 minutes
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
acl inside_net src xxx.xxx.xxx.0/24
http_access allow inside_net
http_access allow localhost
http_access deny all
cache_mgr [EMAIL PROTECTED]
maximum_object_size 32 MB
cache_replacement_policy heap LFUDA
cache_dir aufs /usr/local/squid/cache 32768 32 256
email@example.com mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"