squid 缓存关闭错误

tag-icon tag-icon linux networking squid
squid 缓存关闭错误

我不是 squid 专家,我想请教您一些意见。我的网关运行 debian 7.1 wheezy,安装了 Squid 2.7.STABLE9-4.1。然后我有一台运行 Windows 2000 的服务器(该服务器位于本地网络中)。我们的会计网站正在此服务器上运行。最后,我有一台 Ubuntu (13.10) 工作站,为 squid 设置了系统范围的代理。工作站使用 squid 访问互联网和本地网络。

当我尝试连接到 Windows 服务器上的主页时,我可以在 squid 上看到该页面的 TCP_MISS/200。这个页面已检索,但其中包含的所有资源(css、js、图像)都以 TCP_MISS/304 检索。我在 Web 检查器(在其中一个工作站上)中检查了整个页面请求/响应过程,主页的所有资源(在 squid 中遇到 TCP_MISS/304)都显示此错误页面:

The requested URL could not be retrieved.The following error was 
encountered while trying to retrieve the URL: http://server1:82/MWL/C1_MWL_7_0.css 
This cache is in the process of shutting down and can not service 
your request at this time. Please retry your request again soon.

互联网站点的访问工作正常。我们其他内部网络服务器的访问也正常。对于这些站点,squid 也在日志中返回 TCP_MISS/304,但整个内容和资源都显示正确。我不需要缓存,squid 主要用于限制互联网用户。

这是我的鱿鱼配置:

http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
maximum_object_size 10000 KB
cache_dir ufs /var/spool/squid 3800 16 256
cache_access_log /var/log/squid/access.log
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl localnet src 192.168.1.0/255.255.255.0
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 81          # test web
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl Safe_ports port 82          # accounting
acl Safe_ports port 901         # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
acl restricteddomains dstdomain ... restricted_domains_here...
acl timeoutdomains dstdomain ... timeout domains here ...
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny baddomains
http_access allow localnet
http_access allow localhost
always_direct allow localnet
no_cache deny localnet
http_access deny all
icp_access allow all
error_directory /usr/share/squid/errors/German
delay_pools 2
delay_class 1 1
delay_class 2 1
delay_access 1 allow timeoutdomains
delay_access 1 deny all
delay_access 2 allow restricteddomains
delay_access 2 deny all
delay_parameters 1 1/1
delay_parameters 2 1200/1200

当我从两个服务器访问两个资源时,我在 /var/log/squid/access.log 中得到以下内容:

1395965664.497      2 192.168.1.8 TCP_MISS/304 394 GET http://server1:82/MWL/C1_MWL_7_0.css - DIRECT/192.168.1.110 text/css <-- here error is throw in web inspector

1395965705.776    825 192.168.1.8 TCP_MISS/304 343 GET http://server2/backuppc/image/BackupPC_stnd.css - DIRECT/192.168.1.104 - <-- content of this response is retrieved correctly

我的 /var/log/squid/store.log 表明该对象甚至未保存在磁盘上,仅从内存中使用。因此,我推测在这种情况下没有缓存,这很好。

我的问题是:为什么一台服务器无法正确加载响应(出现错误消息 - 见上文),而第二台服务器可以?我在配置中遗漏了什么吗?

如果我理解正确,TCP_MISS/304 表示服务器的资源尚未被修改,并且 Squid 未将其保存在自己的缓存中。因此,浏览器必须使用自己的缓存。如果缓存中没有任何内容,浏览器将提交 If-Modified-Since 请求,该请求将转发到服务器。如果对象尚未被修改,它将获得 304,Squid 将把它传递给您的浏览器。

最有趣的是,第二台服务器的资源加载正确,没有任何错误,并且也出现了 TCP_MISS/304。另一方面,Windows 服务器弹出缓存关闭错误,只有主页加载正确,其资源加载不正确(同样出现 TCP_MISS/304)。缓存文件夹和文件的权限正确。

这是针对会计应用程序的 css 文件的特定请求的 cache.log,该文件应该加载但实际上没有加载。我只添加了其中的最后一部分,因为它太长了(我使用了 debug_options ALL,5 - 相当冗长)。

    enter code here2014/03/31 12:29:27| The reply for GET http://192.168.1.110:82/MWL/C1_MWL_7_0.css is ALLOWED, because it matched 'all'
2014/03/31 12:29:27| comm_write: FD 18: sz 394: hndl 0xb76e2160: data 0xba0d7be8.
2014/03/31 12:29:27| cbdataLock: 0xba0d7be8
2014/03/31 12:29:27| commSetSelect: FD 18 type 2
2014/03/31 12:29:27| cbdataUnlock: 0xba0d7be8
2014/03/31 12:29:27| cbdataUnlock: 0xba10bbf0
2014/03/31 12:29:27| commSetTimeout: FD 19 timeout -1
2014/03/31 12:29:27| commSetSelect: FD 19 type 1
2014/03/31 12:29:27| comm_remove_close_handler: FD 19, handler=0xb770a6d0, data=0xba0136a8
2014/03/31 12:29:27| cbdataUnlock: 0xba0136a8
2014/03/31 12:29:27| fwdUnregister: http://192.168.1.110:82/MWL/C1_MWL_7_0.css
2014/03/31 12:29:27| comm_remove_close_handler: FD 19, handler=0xb76f7600, data=0xba0d4ca8
2014/03/31 12:29:27| cbdataUnlock: 0xba0d4ca8
2014/03/31 12:29:27| pconnNew: adding 192.168.1.110:82
2014/03/31 12:29:27| commSetSelect: FD 19 type 1
2014/03/31 12:29:27| commSetTimeout: FD 19 timeout 60
2014/03/31 12:29:27| pconnPush: pushed FD 19 for 192.168.1.110:82
2014/03/31 12:29:27| fwdComplete: http://192.168.1.110:82/MWL/C1_MWL_7_0.css
        status 304 <-- Here is 304 status again 
2014/03/31 12:29:27| fwdReforward: http://192.168.1.110:82/MWL/C1_MWL_7_0.css?
2014/03/31 12:29:27| fwdReforward: No, ENTRY_FWD_HDR_WAIT isn't set <-- could this be a cause
2014/03/31 12:29:27| fwdComplete: not re-forwarding status 304
2014/03/31 12:29:27| storeComplete: 'D2A230B5335F30795536F3F73AE9FEAE'
2014/03/31 12:29:27| storeEntryValidLength: Checking 'D2A230B5335F30795536F3F73AE9FEAE'
2014/03/31 12:29:27| storeEntryValidLength:     object_len = 229
2014/03/31 12:29:27| storeEntryValidLength:         hdr_sz = 229
2014/03/31 12:29:27| storeEntryValidLength: content_length = 0
2014/03/31 12:29:27| InvokeHandlers: D2A230B5335F30795536F3F73AE9FEAE
2014/03/31 12:29:27| InvokeHandlers: checking client #0
2014/03/31 12:29:27| fwdStateFree: 0xba0d4ca8
2014/03/31 12:29:27| storePendingNClients: returning 1
2014/03/31 12:29:27| storeUnlockObject: (forward.c:119): key 'D2A230B5335F30795536F3F73AE9FEAE' count=3
2014/03/31 12:29:27| cbdataFree: 0xba0d4ca8
2014/03/31 12:29:27| cbdataFree: Freeing 0xba0d4ca8
2014/03/31 12:29:27| storeUnlockObject: (http.c:75): key 'D2A230B5335F30795536F3F73AE9FEAE' count=2
2014/03/31 12:29:27| cbdataFree: 0xba0136a8
2014/03/31 12:29:27| cbdataFree: Freeing 0xba0136a8
2014/03/31 12:29:27| comm_select: timeout 424
2014/03/31 12:29:27| do_comm_select: 1 fds ready
2014/03/31 12:29:27| commHandleWrite: FD 18: off 0, hd 0, sz 394.
2014/03/31 12:29:27| commHandleWrite: write() returns 394
2014/03/31 12:29:27| cbdataValid: 0xba0d7be8
2014/03/31 12:29:27| clientWriteComplete: FD 18, sz 394, err 0, off 229, len 229
2014/03/31 12:29:27| clientWriteComplete: FD 18 transfer is DONE
2014/03/31 12:29:27| clientWriteComplete: FD 18 Keeping Alive
2014/03/31 12:29:27| clientKeepaliveNextRequest: FD 18
2014/03/31 12:29:27| httpRequestFree: http://192.168.1.110:82/MWL/C1_MWL_7_0.css
2014/03/31 12:29:27| cbdataLock: 0xb927b778
2014/03/31 12:29:27| cbdataLock: 0xba039ab8
2014/03/31 12:29:27| cbdataUnlock: 0xba039ab8
2014/03/31 12:29:27| cbdataUnlock: 0xb927b778
2014/03/31 12:29:27| cbdataFree: 0xba00ee30
2014/03/31 12:29:27| cbdataFree: Freeing 0xba00ee30
2014/03/31 12:29:27| storeClientUnregister: called for 'D2A230B5335F30795536F3F73AE9FEAE'
2014/03/31 12:29:27| storePendingNClients: returning 0
2014/03/31 12:29:27| storeUnlockObject: (store_client.c:575): key 'D2A230B5335F30795536F3F73AE9FEAE' count=1
2014/03/31 12:29:27| cbdataFree: 0xba10bbf0
2014/03/31 12:29:27| cbdataFree: Freeing 0xba10bbf0
2014/03/31 12:29:27| storeUnlockObject: (client_side.c:1271): key 'D2A230B5335F30795536F3F73AE9FEAE' count=0
2014/03/31 12:29:27| storePendingNClients: returning 0
2014/03/31 12:29:27| storeRelease: Releasing: 'D2A230B5335F30795536F3F73AE9FEAE'
2014/03/31 12:29:27| destroy_StoreEntry: destroying 0xb9f52fb0
2014/03/31 12:29:27| ctx: enter level  0: 'http://192.168.1.110:82/MWL/C1_MWL_7_0.css'
2014/03/31 12:29:27| destroy_MemObject: destroying 0xba1a3478
2014/03/31 12:29:27| ctx: exit level  0
2014/03/31 12:29:27| cbdataFree: 0xba0d7be8
2014/03/31 12:29:27| cbdataFree: 0xba0d7be8 has 1 locks, not freeing
2014/03/31 12:29:27| clientKeepaliveNextRequest: FD 18 reading next req
2014/03/31 12:29:27| commSetTimeout: FD 18 timeout 120
2014/03/31 12:29:27| clientReadRequest: FD 18: reading request...
2014/03/31 12:29:27| clientReadRequest: FD 18: no data to process ((11) Resource temporarily unavailable)
2014/03/31 12:29:27| cbdataLock: 0xba039ab8
2014/03/31 12:29:27| cbdataValid: 0xba039ab8
2014/03/31 12:29:27| cbdataValid: 0xba039ab8
2014/03/31 12:29:27| cbdataUnlock: 0xba039ab8
2014/03/31 12:29:27| commSetSelect: FD 18 type 1
2014/03/31 12:29:27| cbdataUnlock: 0xba0d7be8
2014/03/31 12:29:27| cbdataUnlock: Freeing 0xba0d7be8
2014/03/31 12:29:27| comm_select: timeout 424
2014/03/31 12:29:27| do_comm_select: 1 fds ready
2014/03/31 12:29:27| clientReadRequest: FD 18: reading request...
2014/03/31 12:29:27| cbdataLock: 0xba039ab8
2014/03/31 12:29:27| cbdataValid: 0xba039ab8

我希望我没有忘记什么。

非常感谢你的努力和反馈

答案1

您有GET http://server1:82/MWL/C1_MWL_7_0.css一个对 server1 的 82 端口的请求,但是 squid 配置http_access deny !Safe_ports却说拒绝访问除安全端口之外的任何端口。

将端口 82 添加为安全端口,然后使用 squid -k 重新配置或重新启动 squid。

相关内容