[squid-users] Squid Core Dumping

From: Everett, Vernon <[email protected]>
Date: Wed, 17 Jan 2007 09:18:55 +0900

Hi all

Hope there is somebody on the list who has seen this before and can
help.

I have inherited 2 instances of Squid running on Solaris 10 on a 4cpu
V440 with Dansguardian content filter.
One instance is acting as a caching proxy, and the other is used by
Dansguardian for user authentication, using ntlm_auth. (The Samba
version)
For more info on Dansguardian, see here - http://dansguardian.org

The caching proxy is working well, and never gives me any trouble.

The one used for authentication, is misbehaving.
From time to time - and it appears random - the squid application will
crash and burn, leaving only a core dump and log message to prove it
ever existed.
RunCache respawns squid, and everything gets back up and running, but my
users have to re-authenticate, and they find this annoying.
Has anybody seen this before, and what (if anything) did you do to
correct it?

Some Important Info

# uname -a
SunOS prowler 5.10 Generic_118833-03 sun4u sparc SUNW,Sun-Fire-V440

From messages
---snip---
Jan 15 14:59:20 prowler squid[11793]: [ID 702911 daemon.notice]
CACHEMGR: <unknown>@127.0.0.1 requesting '5min'
Jan 15 14:59:20 prowler squid[11793]: [ID 702911 daemon.notice]
CACHEMGR: <unknown>@127.0.0.1 requesting 'info'
Jan 15 15:04:22 prowler squid[11793]: [ID 702911 daemon.notice]
CACHEMGR: <unknown>@127.0.0.1 requesting '5min'
Jan 15 15:04:23 prowler squid[11793]: [ID 702911 daemon.notice]
CACHEMGR: <unknown>@127.0.0.1 requesting 'info'
Jan 15 15:05:01 prowler squid[15485]: [ID 702911 daemon.notice]
urlParse: Illegal hostname 'www.inspectioncentre..com'
Jan 15 15:05:04 prowler last message repeated 1 time
Jan 15 15:07:29 prowler squid[15485]: [ID 702911 daemon.notice] WARNING:
All ntlmauthenticator processes are busy.
Jan 15 15:07:29 prowler squid[15485]: [ID 702911 daemon.notice] WARNING:
up to 200 pending requests queued
Jan 15 15:07:59 prowler squid[15485]: [ID 702911 daemon.notice] WARNING:
All ntlmauthenticator processes are busy.
Jan 15 15:07:59 prowler squid[15485]: [ID 702911 daemon.notice] WARNING:
up to 535 pending requests queued
Jan 15 15:07:59 prowler squid[15485]: [ID 702911 daemon.notice] Consider
increasing the number of ntlmauthenticator processes to at least 735 in
your config file.
Jan 15 15:08:29 prowler squid[15485]: [ID 702911 daemon.notice] WARNING:
All ntlmauthenticator processes are busy.
Jan 15 15:08:29 prowler squid[15485]: [ID 702911 daemon.notice] WARNING:
up to 749 pending requests queued
Jan 15 15:08:29 prowler squid[15485]: [ID 702911 daemon.notice] Consider
increasing the number of ntlmauthenticator processes to at least 949 in
your config file.
Jan 15 15:09:00 prowler squid[15485]: [ID 702911 daemon.notice] WARNING:
All ntlmauthenticator processes are busy.
Jan 15 15:09:00 prowler squid[15485]: [ID 702911 daemon.notice] WARNING:
up to 947 pending requests queued
Jan 15 15:09:00 prowler squid[15485]: [ID 702911 daemon.notice] Consider
increasing the number of ntlmauthenticator processes to at least 1147 in
your config file.
Jan 15 15:09:18 prowler squid[15485]: [ID 702911 daemon.notice]
storeDirWriteCleanLogs: Starting...
Jan 15 15:09:18 prowler squid[15485]: [ID 702911 daemon.notice] WARNING:
Closing open FD 241
Jan 15 15:09:18 prowler squid[15485]: [ID 702911 daemon.notice]
Finished. Wrote 8667 entries.
Jan 15 15:09:18 prowler squid[15485]: [ID 702911 daemon.notice] Took
0.2 seconds (51607.4 entries/sec).
Jan 15 15:09:18 prowler squid[15485]: [ID 702911 daemon.alert] Too many
queued ntlmauthenticator requests (1001 on 200)
Jan 15 15:09:21 prowler genunix: [ID 603404 kern.notice] NOTICE:
core_log: squid[15485] core dumped:
/var/core/core_prowler_squid_60001_60001_1168841358_15485
---snip---

# squid -v
Squid Cache: Version 2.5.STABLE12

# file ./squid
./squid: ELF 32-bit MSB executable SPARC Version 1, dynamically
linked, not stripped

# cat squid.conf | grep -v ^$ | grep -v ^#
http_port 8080
icp_port 0
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 8 MB
cache_peer 127.0.0.1 parent 3128 0 proxy-only no-query no-digest
no-netdb-exchange login=*:DUMMY_PASSWORD
cache_dir ufs /u01/app/squid-front/cache 100 16 256
cache_access_log none
cache_store_log none
cache_log /dev/null
log_fqdn off
ftp_user www@dpi.wa.gov.au
visible_hostname prowler
client_persistent_connections off
append_domain .dpi.wa.gov.au
auth_param ntlm program /usr/local/samba/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 200
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 5 minutes
auth_param basic program /usr/local/samba/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 30
auth_param basic realm DPI proxy - use your email username and password
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl AuthorizedUsers proxy_auth REQUIRED
acl all src 0/0
never_direct allow all
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 7779
acl Safe_ports port 10003
acl Safe_ports port 12000
acl Safe_ports port 8090
acl Safe_ports port 81
acl Safe_ports port 8080
acl Safe_ports port 8000
acl WINDOWS dstdomain .microsoft.com
acl CONNECT method CONNECT
always_direct allow WINDOWS
never_direct allow all
http_access allow manager localhost
http_access deny !Safe_ports
http_access allow all AuthorizedUsers
http_access deny manager
http_access deny CONNECT !SSL_ports
http_access deny all
http_reply_access allow all
icp_access allow all
cache_mgr proxyadmin@dpi.wa.gov.au
coredump_dir /u01/app/squid-front/var/cache

# ./ntlm_auth -V
Version 3.0.21a

# file ./ntlm_auth
./ntlm_auth: ELF 32-bit MSB executable SPARC Version 1, dynamically
linked, not stripped
Received on Tue Jan 16 2007 - 17:19:08 MST

This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST