Squid перестал пропускать клиентов и не пингует google

Ответить
rick
Дорогой гость
Сообщения: 82
Зарегистрирован: 30 окт 2015 10:33

Squid перестал пропускать клиентов и не пингует google

Сообщение rick »

Добрый день!Обращаюсь за помощью. Сквид перестал пропускать клиентов в логе TCP_DENIED/403 4528
sudo tail -f /var/log/squid3/access.log.

Код: Выделить всё

sudo tail -f /var/log/squid3/cache.log
2016/08/04 10:59:41|   Completed Validation Procedure
2016/08/04 10:59:41|   Validated 0 Entries
2016/08/04 10:59:41|   store_swap_size = 0.00 KB
2016/08/04 10:59:41| pinger: Initialising ICMP pinger ...
2016/08/04 10:59:41| pinger: ICMP socket opened.
2016/08/04 10:59:41| Starting new basicauthenticator helpers...
2016/08/04 10:59:41| helperOpenServers: Starting 1/20 'basic_ldap_auth' processes
2016/08/04 10:59:41| Starting new basicauthenticator helpers...
2016/08/04 10:59:41| helperOpenServers: Starting 1/20 'basic_ldap_auth' processes
2016/08/04 10:59:42| storeLateRelease: released 0 objects
DNS сервер работает. Внутри сети по имени связь есть.
Подскажите куда копать ?
Аватара пользователя
Алексей Максимов
Администратор сайта
Сообщения: 572
Зарегистрирован: 14 сен 2012 06:50
Откуда: г.Сыктывкар
Контактная информация:

Re: Squid перестал пропускать клиентов и не пингует google

Сообщение Алексей Максимов »

Покажите, что появляется в логах access.log и cache.log при рестарте squid
rick
Дорогой гость
Сообщения: 82
Зарегистрирован: 30 окт 2015 10:33

Re: Squid перестал пропускать клиентов и не пингует google

Сообщение rick »

Вот acсess:
2016/08/04 12:14:41| Open FD READ/WRITE 5 DNS Socket IPv4
2016/08/04 12:14:41| Open FD READ/WRITE 6 negotiate_wrapper_auth #1
2016/08/04 12:14:41| Open FD READ/WRITE 8 negotiate_wrapper_auth #2
2016/08/04 12:14:41| Open FD READING 9 Reading next request
2016/08/04 12:14:41| Open FD READ/WRITE 10 negotiate_wrapper_auth #3
2016/08/04 12:14:41| Open FD READ/WRITE 11 basic_ldap_auth #1
2016/08/04 12:14:41| Open FD READ/WRITE 12 negotiate_wrapper_auth #4
2016/08/04 12:14:41| Open FD UNSTARTED 13 client http connect
2016/08/04 12:14:41| Open FD READ/WRITE 14 negotiate_wrapper_auth #5
2016/08/04 12:14:41| Open FD READ/WRITE 15 basic_ldap_auth #1
2016/08/04 12:14:41| Open FD UNSTARTED 16 negotiate_wrapper_auth #6
2016/08/04 12:14:41| Open FD READING 17 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 18 negotiate_wrapper_auth #7
2016/08/04 12:14:41| Open FD READ/WRITE 19 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 20 negotiate_wrapper_auth #8
2016/08/04 12:14:41| Open FD READ/WRITE 21 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 22 negotiate_wrapper_auth #9
2016/08/04 12:14:41| Open FD UNSTARTED 23 vk.com
2016/08/04 12:14:41| Open FD UNSTARTED 24 negotiate_wrapper_auth #10
2016/08/04 12:14:41| Open FD READ/WRITE 25 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 26 negotiate_wrapper_auth #11
2016/08/04 12:14:41| Open FD UNSTARTED 27 mail.google.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 28 negotiate_wrapper_auth #12
2016/08/04 12:14:41| Open FD UNSTARTED 29 cloud.radar.imgsmail.ru:443
2016/08/04 12:14:41| Open FD UNSTARTED 30 negotiate_wrapper_auth #13
2016/08/04 12:14:41| Open FD UNSTARTED 31 mail.google.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 32 negotiate_wrapper_auth #14
2016/08/04 12:14:41| Open FD UNSTARTED 33 vk.com
2016/08/04 12:14:41| Open FD UNSTARTED 34 negotiate_wrapper_auth #15
2016/08/04 12:14:41| Open FD READ/WRITE 35 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 36 negotiate_wrapper_auth #16
2016/08/04 12:14:41| Open FD UNSTARTED 37 vk.com
2016/08/04 12:14:41| Open FD UNSTARTED 38 negotiate_wrapper_auth #17
2016/08/04 12:14:41| Open FD UNSTARTED 39 vk.com
2016/08/04 12:14:41| Open FD UNSTARTED 40 negotiate_wrapper_auth #18
2016/08/04 12:14:41| Open FD READ/WRITE 41 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 42 negotiate_wrapper_auth #19
2016/08/04 12:14:41| Open FD UNSTARTED 43 dispatcher.cloud.mail.ru:443
2016/08/04 12:14:41| Open FD UNSTARTED 44 negotiate_wrapper_auth #20
2016/08/04 12:14:41| Open FD READ/WRITE 45 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 46 negotiate_wrapper_auth #21
2016/08/04 12:14:41| Open FD UNSTARTED 47 clients4.google.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 48 negotiate_wrapper_auth #22
2016/08/04 12:14:41| Open FD READ/WRITE 49 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 50 negotiate_wrapper_auth #23
2016/08/04 12:14:41| Open FD READ/WRITE 51 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 52 negotiate_wrapper_auth #24
2016/08/04 12:14:41| Open FD READ/WRITE 53 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 54 negotiate_wrapper_auth #25
2016/08/04 12:14:41| Open FD READ/WRITE 55 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 56 negotiate_wrapper_auth #26
2016/08/04 12:14:41| Open FD READ/WRITE 57 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 58 negotiate_wrapper_auth #27
2016/08/04 12:14:41| Open FD UNSTARTED 59 mail.google.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 60 negotiate_wrapper_auth #28
2016/08/04 12:14:41| Open FD READ/WRITE 61 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 62 negotiate_wrapper_auth #29
2016/08/04 12:14:41| Open FD READ/WRITE 63 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 64 negotiate_wrapper_auth #30
2016/08/04 12:14:41| Open FD UNSTARTED 65 a.wunderlist.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 66 negotiate_wrapper_auth #31
2016/08/04 12:14:41| Open FD UNSTARTED 67 a.wunderlist.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 68 negotiate_wrapper_auth #32
2016/08/04 12:14:41| Open FD UNSTARTED 69 vk.com
2016/08/04 12:14:41| Open FD UNSTARTED 70 negotiate_wrapper_auth #33
2016/08/04 12:14:41| Open FD UNSTARTED 71 vk.com
2016/08/04 12:14:41| Open FD UNSTARTED 72 negotiate_wrapper_auth #34
2016/08/04 12:14:41| Open FD UNSTARTED 73 http://www.gstatic.com
2016/08/04 12:14:41| Open FD UNSTARTED 74 negotiate_wrapper_auth #35
2016/08/04 12:14:41| Open FD READ/WRITE 75 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 76 negotiate_wrapper_auth #36
2016/08/04 12:14:41| Open FD UNSTARTED 77 a.wunderlist.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 78 negotiate_wrapper_auth #37
2016/08/04 12:14:41| Open FD READ/WRITE 79 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 80 negotiate_wrapper_auth #38
2016/08/04 12:14:41| Open FD UNSTARTED 81 a.wunderlist.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 82 negotiate_wrapper_auth #39
2016/08/04 12:14:41| Open FD READ/WRITE 83 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 84 negotiate_wrapper_auth #40
2016/08/04 12:14:41| Open FD UNSTARTED 85 mail.google.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 86 negotiate_wrapper_auth #41
2016/08/04 12:14:41| Open FD READ/WRITE 87 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 88 negotiate_wrapper_auth #42
2016/08/04 12:14:41| Open FD UNSTARTED 89 clients4.google.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 90 negotiate_wrapper_auth #43
2016/08/04 12:14:41| Open FD UNSTARTED 92 negotiate_wrapper_auth #44
2016/08/04 12:14:41| Open FD UNSTARTED 94 negotiate_wrapper_auth #45
2016/08/04 12:14:41| Open FD UNSTARTED 96 negotiate_wrapper_auth #46
2016/08/04 12:14:41| Open FD READ/WRITE 97 Idle client: Waiting for next reque st
2016/08/04 12:14:41| Open FD UNSTARTED 98 negotiate_wrapper_auth #47
2016/08/04 12:14:41| Open FD READ/WRITE 99 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 100 negotiate_wrapper_auth #48
2016/08/04 12:14:41| Open FD UNSTARTED 101 clients2.google.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 102 negotiate_wrapper_auth #49
2016/08/04 12:14:41| Open FD READ/WRITE 103 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 104 negotiate_wrapper_auth #50
2016/08/04 12:14:41| Open FD UNSTARTED 105 ping3.teamviewer.com
2016/08/04 12:14:41| Open FD UNSTARTED 106 ntlm_auth #1
2016/08/04 12:14:41| Open FD READ/WRITE 107 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 108 ntlm_auth #2
2016/08/04 12:14:41| Open FD UNSTARTED 109 api.browser.yandex.ru:443
2016/08/04 12:14:41| Open FD UNSTARTED 110 ntlm_auth #3
2016/08/04 12:14:41| Open FD READ/WRITE 111 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 112 ntlm_auth #4
2016/08/04 12:14:41| Open FD UNSTARTED 113 pass.yandex.ru:443
2016/08/04 12:14:41| Open FD UNSTARTED 114 ntlm_auth #5
2016/08/04 12:14:41| Open FD READ/WRITE 115 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 116 ntlm_auth #6
2016/08/04 12:14:41| Open FD UNSTARTED 117 mail.yandex.ua:443
2016/08/04 12:14:41| Open FD UNSTARTED 118 ntlm_auth #7
2016/08/04 12:14:41| Open FD UNSTARTED 119 pass.yandex.ru:443
2016/08/04 12:14:41| Open FD UNSTARTED 120 ntlm_auth #8
2016/08/04 12:14:41| Open FD READ/WRITE 121 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 122 ntlm_auth #9
2016/08/04 12:14:41| Open FD UNSTARTED 123 safebrowsing.google.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 124 ntlm_auth #10
2016/08/04 12:14:41| Open FD UNSTARTED 126 ntlm_auth #11
2016/08/04 12:14:41| Open FD UNSTARTED 128 ntlm_auth #12
2016/08/04 12:14:41| Open FD UNSTARTED 130 ntlm_auth #13
2016/08/04 12:14:41| Open FD READ/WRITE 131 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 132 ntlm_auth #14
2016/08/04 12:14:41| Open FD UNSTARTED 133 pass.yandex.ru:443
2016/08/04 12:14:41| Open FD UNSTARTED 134 ntlm_auth #15
2016/08/04 12:14:41| Open FD READ/WRITE 135 Reading next request
2016/08/04 12:14:41| Open FD UNSTARTED 136 ntlm_auth #16
2016/08/04 12:14:41| Open FD UNSTARTED 137 a.wunderlist.com:443
2016/08/04 12:14:41| Open FD UNSTARTED 138 ntlm_auth #17
2016/08/04 12:14:41| Open FD UNSTARTED 140 ntlm_auth #18
2016/08/04 12:14:41| Open FD UNSTARTED 142 ntlm_auth #19
2016/08/04 12:14:41| Open FD UNSTARTED 144 ntlm_auth #20
2016/08/04 12:14:41| Open FD READ/WRITE 147 ext_ldap_group_acl #1
2016/08/04 12:14:41| Open FD READ/WRITE 149 ext_ldap_group_acl #2
2016/08/04 12:14:41| Open FD READ/WRITE 151 ext_ldap_group_acl #3
2016/08/04 12:14:41| Open FD UNSTARTED 153 ext_ldap_group_acl #4
2016/08/04 12:14:41| Open FD UNSTARTED 155 ext_ldap_group_acl #5
2016/08/04 12:14:41| Open FD UNSTARTED 156 IPC UNIX STREAM Parent
2016/08/04 12:14:41| Squid Cache (Version 3.3.8): Exiting normally.
2016/08/04 12:14:42| Starting Squid Cache version 3.3.8 for x86_64-pc-linux-gnu. ..
2016/08/04 12:14:42| Process ID 1551
2016/08/04 12:14:42| Process Roles: master worker
2016/08/04 12:14:42| With 65536 file descriptors available
2016/08/04 12:14:42| Initializing IP Cache...
2016/08/04 12:14:42| DNS Socket created at 0.0.0.0, FD 5
2016/08/04 12:14:42| Adding domain kh.ukrprod.com.ua from /etc/resolv.conf
2016/08/04 12:14:42| Adding nameserver 172.24.14.8 from /etc/resolv.conf
2016/08/04 12:14:42| Adding nameserver 8.8.8.8 from /etc/resolv.conf
2016/08/04 12:14:42| Adding nameserver 172.24.14.8 from /etc/resolv.conf
2016/08/04 12:14:42| Adding domain kh.ukrprod.com.ua from /etc/resolv.conf
2016/08/04 12:14:42| Adding domain kh.ukrprod.com.ua from /etc/resolv.conf
2016/08/04 12:14:42| helperOpenServers: Starting 50/200 'negotiate_wrapper_auth' processes
2016/08/04 12:14:44| helperOpenServers: Starting 20/100 'ntlm_auth' processes
2016/08/04 12:14:45| helperOpenServers: Starting 0/20 'basic_ldap_auth' processe s
2016/08/04 12:14:45| helperOpenServers: No 'basic_ldap_auth' processes needed.
2016/08/04 12:14:45| helperOpenServers: Starting 5/5 'ext_ldap_group_acl' proces ses
2016/08/04 12:14:46| Logfile: opening log daemon:/var/log/squid3/access.log
2016/08/04 12:14:46| Logfile Daemon: opening log /var/log/squid3/access.log
2016/08/04 12:14:46| Unlinkd pipe opened on FD 161
2016/08/04 12:14:46| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2016/08/04 12:14:46| Store logging disabled
2016/08/04 12:14:46| Swap maxSize 7168000 + 524288 KB, estimated 591714 objects
2016/08/04 12:14:46| Target number of buckets: 29585
2016/08/04 12:14:46| Using 32768 Store buckets
2016/08/04 12:14:46| Max Mem size: 524288 KB
2016/08/04 12:14:46| Max Swap size: 7168000 KB
2016/08/04 12:14:46| Rebuilding storage in /mnt/squid-cache/ (clean log)
2016/08/04 12:14:46| Using Least Load store dir selection
2016/08/04 12:14:46| Set Current Directory to /var/spool/squid3
2016/08/04 12:14:46| Loaded Icons.
2016/08/04 12:14:46| HTCP Disabled.
2016/08/04 12:14:46| Pinger socket opened on FD 167
2016/08/04 12:14:46| Squid plugin modules loaded: 0
2016/08/04 12:14:46| Adaptation support is off.
2016/08/04 12:14:46| Accepting HTTP Socket connections at local=172.24.14.4:3128 remote=[::] FD 164 flags=9
2016/08/04 12:14:46| Accepting HTTP Socket connections at local=127.0.0.1:3128 r emote=[::] FD 165 flags=9
2016/08/04 12:14:46| Done reading /mnt/squid-cache/ swaplog (0 entries)
2016/08/04 12:14:46| Store rebuilding is 0.00% complete
2016/08/04 12:14:46| Finished rebuilding storage from disk.
2016/08/04 12:14:46| 0 Entries scanned
2016/08/04 12:14:46| 0 Invalid entries.
2016/08/04 12:14:46| 0 With invalid flags.
2016/08/04 12:14:46| 0 Objects loaded.
2016/08/04 12:14:46| 0 Objects expired.
2016/08/04 12:14:46| 0 Objects cancelled.
2016/08/04 12:14:46| 0 Duplicate URLs purged.
2016/08/04 12:14:46| 0 Swapfile clashes avoided.
2016/08/04 12:14:46| Took 0.07 seconds ( 0.00 objects/sec).
2016/08/04 12:14:46| Beginning Validation Procedure
2016/08/04 12:14:46| Completed Validation Procedure
2016/08/04 12:14:46| pinger: Initialising ICMP pinger ...
2016/08/04 12:14:46| Validated 0 Entries
2016/08/04 12:14:46| store_swap_size = 0.00 KB
2016/08/04 12:14:46| pinger: ICMP socket opened.
2016/08/04 12:14:46| Pinger exiting.
2016/08/04 12:14:46| Starting new basicauthenticator helpers...
2016/08/04 12:14:46| helperOpenServers: Starting 1/20 'basic_ldap_auth' processe s
2016/08/04 12:14:46| Starting new basicauthenticator helpers...
2016/08/04 12:14:46| helperOpenServers: Starting 1/20 'basic_ldap_auth' processe s
2016/08/04 12:14:47| storeLateRelease: released 0 objects


Вот cache:
TCP_DENIED/403 4521 CONNECT api.vk.com:443 d.ivanov HIER_NONE/- text/html
Аватара пользователя
Алексей Максимов
Администратор сайта
Сообщения: 572
Зарегистрирован: 14 сен 2012 06:50
Откуда: г.Сыктывкар
Контактная информация:

Re: Squid перестал пропускать клиентов и не пингует google

Сообщение Алексей Максимов »

Вроде не видно явных ошибок при старте в cache.log. Может быть с хелперами беда какая-то. Пробуйте отключить все хелперы и включать по очереди с добавлением ключа дебага в хелпере, чтобы в лог побольше инфы высыпалось о том как проходят процессы аутентификации/авторизации. Другого варианта поиска я пока не вижу.
rick
Дорогой гость
Сообщения: 82
Зарегистрирован: 30 окт 2015 10:33

Re: Squid перестал пропускать клиентов и не пингует google

Сообщение rick »

Спасибо за помощь, прлоблема была сетевого характера.После бурь и погодных условий с маршрутизатора слетел ip адрес который выпущен за nat.Сетевой инженер все поправил. Спасибо, что откликнулись!
Ответить

Вернуться в «Прокси-сервер Squid»