我正在尝试设置 Squid 透明代理。
启动 squid 时,它以退出代码 0 启动,并且似乎正在运行。但是,没有创建 tcp 侦听器(尽管似乎有一些 UDP 侦听器)。
深入研究日志后,我发现了以下模式:
Jan 31 09:30:40 proxy squid[6060]: Beginning Validation Procedure
Jan 31 09:30:40 proxy squid[6060]: Closing HTTP(S) port [::]:3128
Jan 31 09:30:40 proxy squid[6060]: Closing HTTP(S) port [::]:3129
Jan 31 09:30:40 proxy squid[6060]: Closing HTTP(S) port [::]:3130
Jan 31 09:30:40 proxy squid[6060]: Not currently OK to rewrite swap log.
Jan 31 09:30:40 proxy squid[6060]: storeDirWriteCleanLogs: Operation aborted.
Jan 31 09:30:40 proxy squid[6060]: FATAL: Failed to rename log file /var/spool/squid/swap.state.new to /var/spool/squid/swap.state
Jan 31 09:30:40 proxy squid[6060]: Squid Cache (Version 4.1): Terminated abnormally.
Jan 31 09:30:40 proxy squid[6043]: Squid Parent: squid-1 process 6060 exited with status 1
Jan 31 09:30:40 proxy squid[6043]: Squid Parent: (squid-1) process 6064 started
Jan 31 09:30:40 proxy squid[6064]: Set Current Directory to /var/spool/squid
Jan 31 09:30:40 proxy squid[6064]: Starting Squid Cache version 4.1 for x86_64-pc-linux-gnu...
Jan 31 09:30:40 proxy squid[6064]: Service Name: squid
Jan 31 09:30:40 proxy squid[6064]: Process ID 6064
Jan 31 09:30:40 proxy squid[6064]: Process Roles: worker
Jan 31 09:30:40 proxy squid[6064]: With 1024 file descriptors available
Jan 31 09:30:40 proxy squid[6064]: Initializing IP Cache...
Jan 31 09:30:40 proxy squid[6064]: DNS Socket created at [::], FD 5
Jan 31 09:30:40 proxy squid[6064]: DNS Socket created at 0.0.0.0, FD 14
Jan 31 09:30:40 proxy squid[6064]: Logfile: opening log daemon:/var/log/squid/access.log
Jan 31 09:30:40 proxy squid[6064]: Logfile Daemon: opening log /var/log/squid/access.log
Jan 31 09:30:40 proxy squid[6064]: Store logging disabled
Jan 31 09:30:40 proxy squid[6064]: WARNING: disk-cache maximum object size is too large for mem-cache: 4096.00 KB > 512.00 KB
Jan 31 09:30:40 proxy squid[6064]: Swap maxSize 5120000 + 524288 KB, estimated 434176 objects
Jan 31 09:30:40 proxy squid[6064]: Target number of buckets: 21708
Jan 31 09:30:40 proxy squid[6064]: Using 32768 Store buckets
Jan 31 09:30:40 proxy squid[6064]: Max Mem size: 524288 KB [shared]
Jan 31 09:30:40 proxy squid[6064]: Max Swap size: 5120000 KB
Jan 31 09:30:40 proxy squid[6064]: Rebuilding storage in /var/spool/squid (dirty log)
Jan 31 09:30:40 proxy squid[6064]: Using Least Load store dir selection
Jan 31 09:30:40 proxy squid[6064]: Set Current Directory to /var/spool/squid
Jan 31 09:30:40 proxy squid[6064]: Finished loading MIME types and icons.
Jan 31 09:30:40 proxy squid[6064]: HTCP Disabled.
Jan 31 09:30:40 proxy squid[6064]: commBind Cannot bind socket FD 24 to [::1]: (99) Cannot assign requested address
Jan 31 09:30:40 proxy squid[6064]: commBind Cannot bind socket FD 25 to [::1]: (99) Cannot assign requested address
Jan 31 09:30:40 proxy squid[6064]: ERROR: Failed to create helper child read FD: UDP[::1]
Jan 31 09:30:40 proxy squid[6064]: Squid plugin modules loaded: 0
Jan 31 09:30:40 proxy squid[6064]: Adaptation support is off.
Jan 31 09:30:40 proxy squid[6064]: commBind Cannot bind socket FD 24 to [::]: (2) No such file or directory
Jan 31 09:30:40 proxy squid[6064]: Done reading /var/spool/squid swaplog (0 entries)
Jan 31 09:30:40 proxy squid[6064]: Store rebuilding is 0.00% complete
Jan 31 09:30:40 proxy squid[6064]: Finished rebuilding storage from disk.
Jan 31 09:30:40 proxy squid[6064]: 0 Entries scanned
Jan 31 09:30:40 proxy squid[6064]: 0 Invalid entries.
Jan 31 09:30:40 proxy squid[6064]: 0 With invalid flags.
Jan 31 09:30:40 proxy squid[6064]: 0 Objects loaded.
Jan 31 09:30:40 proxy squid[6064]: 0 Objects expired.
Jan 31 09:30:40 proxy squid[6064]: 0 Objects cancelled.
Jan 31 09:30:40 proxy squid[6064]: 0 Duplicate URLs purged.
Jan 31 09:30:40 proxy squid[6064]: 0 Swapfile clashes avoided.
Jan 31 09:30:40 proxy squid[6064]: Took 0.02 seconds ( 0.00 objects/sec).
Jan 31 09:30:40 proxy squid[6064]: Beginning Validation Procedure
Jan 31 09:30:40 proxy squid[6064]: Completed Validation Procedure
Jan 31 09:30:40 proxy squid[6064]: Validated 0 Entries
Jan 31 09:30:40 proxy squid[6064]: store_swap_size = 0.00 KB
Jan 31 09:30:41 proxy squid[6046]: storeLateRelease: released 0 objects
Jan 31 09:30:41 proxy squid[6058]: storeLateRelease: released 0 objects
Jan 31 09:30:41 proxy squid[6064]: storeLateRelease: released 0 objects
下面的这一行是否能表明这个问题?
FATAL: Failed to rename log file /var/spool/squid/swap.state.new to /var/spool/squid/swap.state
我检查了目录,发现 swap.state 文件似乎已由 squid 成功创建,并且整个目录中的权限设置正确。
我的配置如下:
visible_hostname squid
acl localnet src 10.0.0.0/8
workers 3
http_port 3128
http_port 3129 intercept
acl allowed_http_websites dstdomain "/etc/squid/allowed.txt"
http_access allow allowed_http_websites
http_access deny all
cache_dir aufs /var/spool/squid 5000 16 256
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
编辑:
这很可能与权限有关,因为在非守护进程模式下(以 root 身份)运行它确实会产生预期的效果。权限似乎是正确的,因为用户“squid”是目录的所有者,拥有所有权限。
编辑2:
使用 -N 选项(仅限主服务器)在前台运行 Squid 似乎可行。但是,使用 --foreground 运行它会出现同样的错误。
答案1
我找到了问题所在。不知何故,生成的子进程似乎互相绊倒了。删除配置中的“workers 3”行解决了这个问题。