On Wed, 14 Mar 2001, oops wrote:
BerkeleyDB ��� gigabase �����������? �� ���������� - �������� �������� �������.
> ���� ������ !!!!
> ��� � ��� ������ �����. oops -z ������ �� ��� ������ storage � ��� ��� ��
> �������� � ���������� ��� �� ������ �� ����.
> ��� ��� ���������:
> ��� ����� ������������ ������.
>
> oopsctl stat
> -----------------------------BEGIN------------------------
> ## -- General info --
> Version : 1.5.6
> Uptime : 16961sec, (0day(s), 4hour(s), 42min(s))
> Last update : Wed Mar 14 08:20:51 2001
> Clients : 0 (max: 79)
> HTTP requests: 3305
> ICP requests: 0
> Total hits : 521
> Curr.req.rate: 0.05 req/sec (max: 1.17)
> Tot.req.rate : 0.19 req/sec
> Curr.hit.rate: 0.00 %
> Tot.hit.rate : 15.76 %
> Curr.icp.rate: 0.00 req/sec (max: 0.00)
> ## -- CPU --
> Total usage : 45458ms
> Delta usage : 114ms
> Delta time : 61000ms
> Curr. CPU : 0.19 % (0.02s+0.17u)
> Aver. CPU : 0.27 % (0.08s+0.19u)
> ## -- storages --
> Storage : /usr/local/proxy/oops/storages/oops_storage
> Size : 520.00 MB
> Free blks : 0 blks (0.00Mb) 0.00 %
> State : NOT_READY
> Fileno : 0
> Storage : /usr/local/proxy/oops/storages/oops_storage1
> Size : 600.00 MB
> Free blks : 0 blks (0.00Mb) 0.00 %
> State : NOT_READY
> Fileno : 0
> ## -- end of storages --
> ## -- modules --
> accel WWW-accelerator (URL redirector)
> berkeley_db BerkeleyDB API (DB Interface)
> CustomLog Customized access log. (Log recording)
> err Error reporting module (Error reporting)
> fastredir Fast Substring URL Redirector (URL redirector)
> gigabase_db GigaBASE API (DB Interface)
> lang National languages handling module (Output handling)
> DummyLog Dummy logging module (Log recording)
> oopsctl Oops controlling module (Independent port listener)
> passwd_file Auth using passwd file (Authentication)
> passwd_mysql Auth using mysql (Authentication)
> passwd_pgsql Auth using postgresql (Authentication)
> redir Regex URL Redirector (URL redirector)
> transparent Transparent proxy (URL redirector)
> vary Processing 'Vary:' header (Document headers check)
> ## -- end of modules --
> ## -- icp peers --
> ## -- end of icp peers--
> ------------------------------END------------------------
>
> oops.cfg
>
> ------------------------------BEGIN------------------------
> ##
> # nameservers. Use your own, not our.
> ##
>
> nameserver 212.42.101.33
>
> ##
> # Ports and address to use for HTTP and ICP
> ##
>
> #bind ip_addr|hostname
> http_port 3128
> icp_port 3130
>
> ##
> ## Change euid to that user
> ##
> ## WARNING: if you use 'userid, then you 'reconfigure will not be able to
> ## open new sockets on reserved (< 1024) ports and will not be able
> ## to return to original userid.
> ##
>
>
> ##
> ## Change root directory. If don't know exactly what are you doing -
> ## leave commented.
> #chroot ???
>
> ##
> # Logfile - just debug output
> # When used in form 'filename [{N S}] [[un]buffered]'
> # will be rotated automatically (up to N files up to S bytes in size)
> ##
> #logfile /dev/tty
> logfile /usr/local/proxy/oops/logs/oops.log { 3 1m } unbuffered
>
> ##
> # Accesslog - the same as for squid. Re rotating - see note for logfile
> ##
> #accesslog /dev/tty
> accesslog /usr/local/proxy/oops/logs/access.log
>
> ##
> # Pidfile. for kill -1 `cat oops.pid` and for locking.
> ##
> pidfile /usr/local/proxy/oops/logs/oops.pid
>
> ##
> # Statistics file - once per minute flush some statistics to this file
> ##
> statistics /usr/local/proxy/oops/logs/oops_statfile
>
> ##
> # icons - where to find link.gif, dir.gif, binary.gif and so on (for
> # ftp lists). If omitted - name of running host will be used. But
> # using explicit names is better way.
> ##
>
> #icons-host ss5.paco.net
> #icons-port 80
> #icons-path icons
>
> ##
> # When total object volume in memory grow over this (this mean
> # that cachable data from network came faster then we can save on disk)
> # drop objects (without attempt to save on disk).
> ##
> mem_max 64m
>
> ##
> # Hint, how much cached objects keep in memory.
> # When total amount become larger then this limit - start
> # swaping cachable objects to disk
> ##
> lo_mark 8m
>
> ##
> # start random early drop when number of clients reach some level.
> # this can protect you against attacks and against situation when
> # oops cant handle too much connections. By default - 0 (or no limits).
> ##
> #start_red 0
>
> ##
> # refuse any connection when number of already connected clients reach some
> # level. By default - 0 (or no limits).
> ##
> #refuse_at 0
>
> ##
> # if document contain no Expires: then expire after (in days)
> # ftp-expire-value - expire time for ftp (in days)
> ##
> default-expire-value 7
> ftp-expire-value 7
>
> ##
> # Maximum expite time - doc will not keep in cache more then
> # this number of days (except if defaiult-expire-value used for this documeny)
> ##
> max-expire-value 30
>
> ##
> # in which proportion time passed since last document modification
> # will accounted in expire time. For example, if last-modified-factor=5
> # and there was passed 10 days since document modification, then expiration
> # will be setted to 2 days in future (but no nore then max-expire-value)
> ##
> last-modified-factor 5
>
> ##
> # If you want not cache replies without Last-Modified:
> # uncomment next line.
> ##
> #dont_cache_without_last_modified
>
> # run expire every ( in hours )
> ##
> default-expire-interval 1
>
> ##
> # icp_timeout - how long to wait icp reply from peer (in ms, e.g 1000 = 1sec)
> ##
> icp_timeout 10000
>
> ##
> # start disk cache cleanup when free space will be (in %%)
> # As on the very large storages 1% is large space (1% from 9G is
> # 90M), then on such storages you can set both disk-low-free and
> # disk-ok-free to 0. Oops will start cleanup if it have less then 256
> # free blocks(1M), and stop when it reach 512 bree blocks(2M).
> ##
> disk-low-free 3
>
> ##
> # stop disk cache cleanup when free space will be (in %%)
> ##
> disk-ok-free 5
>
> ##
> # Force_http11 - turn on http/1.1 for each request to document server
> # This option required if module 'vary' used.
> ##
> force_http11
>
> ##
> # Always check document freshness, even it is not stale or expired
> # This force Oops behave like squid - first check cached doc, then send
> ##
> always_check_freshness
>
> ##
> # If user-requestor aborted connection to proxy, but there was received more
> # then some percent ot the document - then continue.
> # default value - 75%
> ##
> force_completion 75
>
> ##
> # maximum size of the object we will cache
> ##
> maxresident 1m
>
> insert_x_forwarded_for yes
> insert_via yes
>
> ##
> # If host have several interfaces or aliases, use exactly
> # this name when connecting to server:
> ##
> #connect-from proxy.paco.net
>
> ##
> # ACLs - currently: urlregex, urlpath, usercharset
> # port, dstdom, dstdom_regex, src_ip, time
> # each acl can be loaded from file.
> ##
> #acl CACHEABLECGI urlregex
>http://www\.topping\.com\.ua/cgi-bin/pingstat\.cgi\?072199131826
> #acl WWWPACO urlregex www\.paco\.net
> #acl NO_RLH urlregex zipper
> #acl REWRITEPORTS urlregex (www.job.ru|www.sale.ru)
> #acl REWRITEHOSTS urlregex (www.asm.ru|zipper\.paco)
> #acl WINUSER usercharset windows-1251
> #acl DOSUSER usercharset ibm866
> #acl UNIXUSER usercharset koi8-r
> #acl RUS dstdom ru su
> #acl UKR dstdom ua
> #acl BADPORTS port [0:79],110,138,139,513,[6000:6010]
> #acl BADDOMAIN dstdom baddomain1.com baddomain2.com
> #acl BADDOMREGEX dstdom_regex baddomain\.((com)|(org))
> #acl LOCAL_NETWORKS src_ip
>include:/usr/local/proxy/oops/acl_local_networks
> #acl BADNETWORKS src_ip 192.168.10/24
> #acl WORKTIME time Mon,Tue:Fri 0900:1800
> #acl HTMLS content_type text/html
> #acl USERS username joe
> acl ADMINS src_ip 127.0.0.1
> acl PURGE method PURGE
>
> ##
> # acl_deny [!]ACL [!]ACL ...
> # deny access for combined acl
> ##
> acl_deny PURGE !ADMINS
>
> ##
> # Never cache objects with URL, containing...
> ##
> stop_cache ?
> stop_cache cgi-bin
>
> ##
> # stop_cache_acl [!]ACL [!]ACL ...
> # Stop cache using ACL
> ##
> #stop_cache_acl WWWPACO
>
> ##
> # refresh_pattern ACLNAME min percent max
> # 'min' and 'max' are limits between Expite time will be assigned
> # Iff document have no expire: header and have Last-Modified: header
> # we will use 'percent' to estimate how far in the future document will
> # be expired.
> ##
> #refresh_pattern CACHEABLECGI 20 50% 200
> #refresh_pattern WWWPACO 0 0% 0
>
> ##
> # bind_acl {hostname|ip} [!]ACL [!]ACL ...
> # bind to given address when connecting to server
> # if request match ACLNAME
> ##
> #bind_acl outname1 RUS
> #bind_acl outname2 UKR
>
> ##
> # Always check document freshness, but now on acl basis.
> # You can have several such lines.
> ## This example will force to check freshness only for html documents.
> #always_check_freshness_acl HTMLS
>
> ##
> # line 'parent ....' will force all connections (except to destinations
> # in local-domain or local-networks) go through parent host
> ##
> #parent proxy.paco.net 3128
>
> ##
> # parent_auth login:password
> # if your parent require login/password from your proxy
> ##
> #parent_auth login:password
>
> # ICP peer's
> #peer proxy.paco.net 3128 3130 {
> ## ^^^ peer name ^http port ^icp port
> ## icp port can be 0, in which case we assume this is non-icp
> ## proxy. We assume that non-icp peer act like parent which
> ## answer MISS all th etime. If this peer refused connection
> ## then it goes down for 60 seconds - it doesn't take part in
> ## any peer-related decisions.
> # sibling ;
> ## if this peer require login/password from your proxy
> # my_auth my_login:my_password;
> ## we will send requests for these domains
> # allow dstdomain * ;
> ## we will NOT send requests for these domains
> # deny dstdomain * ;
> ## we will send only requests matched to this acl
> # peer_access [!]ACL1 [!]ACL2
> ## if (and only if) peer is not icp-capable, then , in case of fail we
> ## leave failed peer alone for the down_timeout interval (in seconds).
> ## Then we will try again
> # down_timeout 60 ;
> #}
>
> #peer proxy.gu.net 80 3130 {
> # parent ;
> # allow dstdomain * ;
> # deny dstdomain paco.net odessa.ua ;
> #}
>
> ##
> # Never use "parent" when connecting to server in these domains
> ##
> local-domain elcat2.bishkek.su bishkek.su
> #local-domain odessa.net paco.net netsy.net netsy.com te.net.ua
>
> local-networks 212.42.101/24
>
> #
> # Groups
> #
>
> group elcat2 {
> ##
> # You can describe group ip adresses here, or using src_ip acl's
> # with networks_acl directive.
> # networks_acl always have higher preference (checked first) and
> # are checked in the order of appearance.
> # If host wil not fall in any networks_acl - we check in networks.
> # networks are ordered by masklen - longest masks(most specific networks)
> # are checked first.
> ##
> networks 212.42.101/24 ;
> # networks_acl LOCAL_NETWORKS !BAD_NETWORKS ;
> badports [0:79],110,138,139,513,[6000:6010] ;
> miss allow;
> ##
> # denytime - when deny access to proxy server for this group
> ##
> # denytime Sat,Sun 0642:1000
> # denytime Mon,Thu:Fri,Sun 0900:2100
> ##
> # Authentication modules for this group (seprated by space)
> ##
> # auth_mods passwd_file;
>
> ##
> # URL-Redirector (porno, ad. filtering) modules for this group (separate by
> # space)
> ##
> # redir_mods redir;
>
>
> ##
> # limit whole group to 8Kbytes per sec
> ##
> bandwidth 8k;
>
> ##
> # limit each host 8Kbytes per sec
> ##
> # per_ip_bw 8k;
>
> ##
> # limit connections number from each host
> #
> # per_ip_conn 8;
>
> ##
> # limit request rate from this group (requests per second). This is crude,
> # and must be used as last resort
> ##
> # maxreqrate 100;
>
> ##
> # icp acl ...
> ##
> icp {
> allow dstdomain * ;
> }
>
> ##
> # http acl
> ##
> http {
> ##
> # http acls can be in form 'allow dstdomain domainname domainname ... domainname ;
> # or in form 'allow dstdomain include:filename ;
> # where filename - name of the file, which contain
> # domainnames (one per line, # - comment line);
> # the same rules for 'deny'
> ##
> allow dstdomain * ;
> }
> }
>
> group world {
> networks 0/0;
> badports [0:79],110,138,139,513,[6000:6010];
> http {
> deny dstdomain * ;
> }
> icp {
> deny dstdomain * ;
> }
> }
>
> ##
> # Storage section
> # Change this for your own situation. Oops can work without
> # storages (using only in-memory cache).
> ##
>
> ##
> # Storage description (can be several)
> # path - filename of storage. can be raw device (be carefull!)
> # size - size (of storage file). Can be smthng like 100k or 200m or 4g
> # Size used only durig format process (oops -z).
> ##
>
> storage {
> path /usr/local/proxy/oops/storages/oops_storage ;
> # Size of the storage. Can be in bytes or 'auto'. Auto is
> # usefull for pre-created storages or disk slices.
> # NOTE: 'size auto' won't work for Linux on disk slices.
> # To use large ( > 2G ) files run configure with --enable-large-files
>
> size 520m ;
>
> # You have to use 'offset' in the case your raw device (or slice)
> # require that. For example if you use entire disk as storage
> # under AIX and Soalris/Sparc - you have to skip first block
> # which contain disk label (that is storage will start from
> # next 512 sector.
> # offset 512;
> }
>
> storage {
> path /usr/local/proxy/oops/storages/oops_storage1 ;
> size 600m ;
> }
>
> module lang {
>
> default_charset koi8-r
>
> # Recode tables and other charset stuff
> CharsetRecodeTable windows-1251 /usr/local/proxy/oops/tables/koi-win.tab
> CharsetRecodeTable ISO-8859-5 /usr/local/proxy/oops/tables/koi-iso.tab
> CharsetRecodeTable ibm866 /usr/local/proxy/oops/tables/koi-alt.tab
> CharsetAgent windows-1251 AIR_Mosaic IWENG/1 MSIE WinMosaic (Windows (WinNT;
> CharsetAgent windows-1251 (Win16; (Win95; (Win98; (16-bit) Opera/3.0
> CharsetAgent ibm866 DosLynx Lynx2/OS/2
> }
>
> module err {
> # error reporting module
>
> # template
> template /usr/local/proxy/oops/err_template.html
>
> # Language to use when generate Error messages
> lang ru
> }
>
> module passwd_file {
> # password proxy-authentication module
> #
> # default realm, scheme and passwd file
> # the only thing you really want to change is 'file' and 'template'
> # you don't have to reconfigure oops if you only
> # change content passwd file or template: oops authomatically
> # reload file
>
> realm oops
> scheme Basic
> file /usr/local/proxy/oops/passwd
> template /usr/local/proxy/oops/auth_template.html
> }
>
> module passwd_pgsql {
> # proxy authentication using postgresql
> # "Ivan B. Yelnikov" <[EMAIL PROTECTED]>
> #
> # host - host where database live,
> # user,password - login and password for database access
> # database - database name
> # select - file with request body
> # template - file with html doc which user will receive
> # during authentication
> scheme Basic
> realm oops
> host <host address/name>
> user <database_user>
> password <user_password>
> database <database_name>
> select /usr/local/proxy/oops/select.sql
> template /usr/local/proxy/oops/auth_template.html
> }
>
> module passwd_mysql {
> # proxy authentication usin mysql
> # "Ivan B. Yelnikov" <[EMAIL PROTECTED]>
> #
> # look passwd_pgsql description
> #
> scheme Basic
> realm oops
> host <host address/name>
> user <database_user>
> password <user_password>
> database <database_name>
> select /usr/local/proxy/oops/select.sql
> template /usr/local/proxy/oops/auth_template.html
> }
>
> module redir {
> # file - regex rules.
> # each line consist of one or two fields (separated with white space)
> # 1. regular expression
> # 2. redirect-location
> # if requested (by client) url match regex then
> # if we have redirect-url then we send '302 Moved Temporary' to
> # redirect-location
> # if we have no redirect-location (i.e. we have no 2-nd field)
> # then we send template.html (%R will be substituted by rule)
> # or some default message if we have no template.
> # you don't have to reconfigure oops each time
> # you edit rules or template, they will be reloaded authomatically
>
> file /usr/local/proxy/oops/redir_rules
> template /usr/local/proxy/oops/redir_template.html
> ## mode control will redir rewrite url or send Location: header
> ## with new location. Values are 'rewrite' or 'bounce'
> # mode rewrite
>
> # This module can process requests which come on http_port
> # and/or on different port. For example, you wish oops
> # bind on two ports - 3128 and 3129, and all requests which come on
> # port 3129 must pass through filters, and requests which come on port
> # 3128 (common http_port) - not. Then you have to uncomment next line
> # myport 3129
> # which means exactly: bind oops to additional port 3129 and process
> # requests which come on this port.
> # myport can be in the next form:
> # myport [{hostname|ip_addr}:]port
> }
>
> module oopsctl {
> # path to oopsctl unix socket
> socket_path /usr/local/proxy/oops/logs/oopsctl
> # time to auto-refresh page (seconds)
> html_refresh 300
> }
>
> ##
> ## This module hadnle 'Vary' header - it was written to better support
> ## Russian Apache
> ##
> module vary {
> user-agent by_charset
> accept-charset ignore
> }
>
> ##
> ## WWW -accelerator. To use - add word accel to
> ## redir_mods line for
> ## the group 'world' description
> ## You will find more description of this module in supplied accel_maps file
> ##
> #module accel {
> # myport can have next form:
> # myport [{hostname|ip_addr}:]port ...
> # myport 80
> ##
> # allow access to proxy through accel module.
> # Deny will stop proxy through accel completely, regardless
> # of any other access rules
> ##
> # proxy_requests deny
> #
> ##
> # File with maps and other config directives
> # Checked once per minute. No need to restart oops if maps changed
> ##
> # file /usr/local/proxy/oops/accel_maps
> #}
>
> ##
> ## Transparent proxy. To use - add word 'transparent' into
> ## redir_mods line for your group.
> ## in the your local (or any other) group description
> ##
> #module transparent {
> # myport can have next form:
> # myport [{hostname|ip_addr}:]port ...
> # myport 3128
> #}
>
> ##
> ## %h - remote ip address
> ## %A - local ip address
> ## %d - ip address of source (peer or document server)
> ## %l - remote logname from identd (not suported now)
> ## %U - remote user (from 'Authorization' header)
> ## %u - remote user (from proxy-auth)
> ## %{format}t - time with optional {format} (for strftime)
> ## %t - time with standard format %d/%b/%Y:%T %Z
> ## %r - request line
> ## %s - status code
> ## %b - bytes received
> ## %{header}i - value of header in request
> ## %m - HIT/MISS
> ## %k - hierarchy (DIRECT/NONE/...)
> ##
> ## directive buffered can be followed by size of the buffer,
> ## like 'buffered 32000'
> ##
> #module customlog {
> # path /usr/local/oops/logs/access_custom1
> # format "%h %l %u %t \"%r\" %>s %b"
> # squid httpd mode log emulation
> # format "%h %u %l %t \"%r\" %s %b %m:%k"
> # buffered
> # path /usr/local/oops/logs/access_custom2
> # format "%h->%A %l %u [%t] \"%r\" %s %b \"%{User-Agent}i\""
> #}
>
> module berkeley_db {
> ##
> # dbhome - directory where all DB indexes reside. Use full path
> # this directory must exist.
> # dbname - filename for index file. Use just filename (no full path)
> ##
>
> dbhome /usr/local/proxy/oops/DB
> dbname dburl
>
> ##
> # This parameter specifies internal cache size of BerkeleyDB.
> # Increase this parameter for best performance (if you have a lot of memory).
> # For example: db_cache_mem 64m
> # Default and minimum value: 4m
> #
> # This memory pool is not part of memory pool, specified by mem_max parameter.
> # WARNING: the amount of RAM used by oops will be increased by the value of
> # this parameter.
> db_cache_mem 64m
>
> }
>
> #module gigabase_db {
> # This module enable GigaBASE as database engine.
> # You can use berkeley_db or gigabase_db, not both.
> # Also, important notice - indexes created with different modules
> # are not compatible.
> # ##
> # # dbhome - directory where all DB indexes reside. Use full path
> # # this directory must exist.
> # # dbname - filename for index file. Use just filename (no full path)
> # ##
> #
> # dbhome /usr/local/proxy/oops/DB
> # dbname gdburl
> #
> # ##
> # # This parameter specifies internal cache size of BerkeleyDB.
> # # Increase this parameter for best performance (if you have a lot of memory).
> # # For example: db_cache_mem 64m
> # # Default and minimum value: 4m
> # #
> # # This memory pool is not part of memory pool, specified by mem_max parameter.
> # # WARNING: the amount of RAM used by oops will be increased by the value of
> # # this parameter.
> # ##
> # #db_cache_mem 4m
> #
> #}
> ----------------------------END---------------------------------
>
>
> =====================================================================
> If you would like to unsubscribe from this list send message to
> [EMAIL PROTECTED] with "unsubscribe oops" in message body.
> Archive is accessible on http://www.paco.net/oops/
>
Igor Khasilev |
PACO Links, igor at paco dot net |
=====================================================================
If you would like to unsubscribe from this list send message to
[EMAIL PROTECTED] with "unsubscribe oops" in message body.
Archive is accessible on http://www.paco.net/oops/
