Squid_ The Definitive Guide - Duane Wessels [170]
# make install-pinger
If successful, you should find that the pinger program has the following file ownership and permission settings:
# ls -l /usr/local/squid/libexec/pinger
-rws--x--x 1 root squid 140728 Sep 16 19:58 /usr/local/squid/libexec/pinger
Squid Becomes Slow After Running for Some Time
Most likely, Squid is competing with other processes, or with itself, for memory on your system. When the Squid process no longer fits entirely in memory, the operating system is forced to read and write areas of memory to and from the swap space. This has a drastic effect on Squid's performance.
To validate this theory, check the Squid process size with utilities such as top and ps. Also check Squid's own page fault counter, as described in Section 14.2.1.24. Once you've identified memory consumption as the problem, try the following steps to reduce Squid's memory usage:
Reduce the value of cache_mem and read Appendix B.
Turn off memory pooling with this option:memory_pools off
Reduce the size of the disk cache by lowering the size of one or more cache directories. See Section 7.1.
Debugging Access Controls
If you're having no luck getting your access controls to work properly, here's a little tip that might help. Edit your squid.conf file and set the debug_options line to this:
debug_options ALL,1 33,2
Then, reconfigure Squid:
% squid -k reconfigure
Now, Squid writes a message to cache.log for each client request and another for each reply. The messages contain the request method, URI, whether the request/reply is allowed or denied, and the name of the last ACL that matched it. For example:
2003/09/29 20:22:05| The request
GET http://images.slashdot.org:80/topics/topicprivacy.gif is ALLOWED,
because it matched 'localhost'
2003/09/29 20:22:05| The reply for
GET http://images.slashdot.org/topics/topicprivacy.gif is ALLOWED,
because it matched 'all'
Knowing the name of the ACL doesn't always tell you the corresponding http_access line, but it gets you pretty close. If necessary, you can replicate your acl lines and give them unique names so that a given ACL name appears on only one http_access rule.
Debugging via cache.log
You already know from Section 13.1 that cache.log contains various operational messages Squid thinks are important enough to tell you about. We also refer to these as debugging messages. You can use the debug_options directive to control the verbosity of messages that appear in cache.log. By increasing the debugging levels, you'll see more detailed messages that may help you understand what Squid is doing. For example:
debug_options ALL,1 11,3 20,3
Every debugging message in the Squid source code has two numeric attributes: a section and a level. Sections range from 0 to 100, and levels range from 0 to 10. In general, section numbers correspond to particular components of the source code. In other words, all the messages within a single source file have the same section number. In some cases, multiple files use the same debugging section. This tends to happen when a source file becomes too large and is split into smaller chunks.
The top of each source file has line that mentions the debugging section. It looks like this:
* DEBUG: section 9 File Transfer Protocol (FTP)
I don't expect you to look at the source files to find the section numbers. The same information appears here in Table 16-1.
Table 16-1. Debugging section numbers for the debug_options directive
Number
Description
Source file(s)
0
Client Database
client_db.c
1
Startup and Main Loop
main.c
2
Unlink Daemon
unlinkd.c
3
Configuration File Parsing
cache_cf.c
4
Error Generation
errorpage.c
5
Socket Functions
comm.c
5
Socket Functions
comm_select.c
6
Disk I/O Routines
disk.c
7
Multicast
multicast.c