Somehow through tweaking pfSense and configuring the Squid package the cache files started to fill. At first I was particularly confused if Captive portal was still on as every site I was trying to get to required a login -- failing to do so kicked me out with an Error 504. The Squid service also refused to be started.
At this point I proceeded to re-install Squid and noticed that even without it the continuous login request persisted. By some luck I started to play around with other pfSense options and checked the disk space -- BAM! Thats where it dawned on me that my Squid cache had absolutely filled my 80GB hard drive and there were but a few KB of space free?!
Now that I knew the most probably reason, that launched a few searches on how to properly clear or compact the cache. pfSenseDocs has a guide. Using the Command option under Diagnostics didn't seem to help as the disk space didn't change. On initial setup of Squid, I had to twiddle with a few settings via terminal access on SSH and this is where I remembered that under System -> Advanced that Secure Shell was on -- and that is what I did.
1. SSH into pfSense will drop you into the same menu you'd see if you had a monitor connected. Choosing option 8 gives you a shell.
2. From there I shut down the Squid service and proceeded to delete everything under /var/squid/cache
3. Once space had been free'd, initiate squid -z to recreate the required directories.
4. Reboot pfSense and,
5. you can now run the Squid service
Problem solved! Now to keep watch on disk space and tweak how much cache info is kept.
Showing posts with label Squid Proxy. Show all posts
Showing posts with label Squid Proxy. Show all posts
Wednesday, January 20, 2010
Sunday, December 27, 2009
pfSense: Speed-up Transparent Squid Proxy
Its been a few days that I did some tweaking on Squid Proxy and it appears stable! This all came about as I was trying to speed-up data fetching and finding that for some reason the cache was just too slow for actual use. I wondered if it was at all worth it (obviously slow proxy means unhappy users ... especially if its your home users).
In gratitude to the discussion I found in the forum, its reposted and message re-arranged here in summary below:
Question:
Why squid is so slow?
Answer:
The default configuration of pfSense is a router not as a server, that is why kern.ipc.nmbclusters="0". Simply remove this line and Squid will be just fine.
Add the lines below to the /boot/loader.conf
kern.ipc.nmbclusters=32768
kern.maxfiles=65536
kern.maxfilesperproc=32768
net.inet.ip.portrange.last=65535
Alternatively, just delete it and replace with:
autoboot_delay="1"
#kern.ipc.nmbclusters="0"
hint.apic.0.disabled=1
kern.hz=100
#for squid
kern.ipc.nmbclusters="32768"
kern.maxfiles="65536"
kern.maxfilesperproc="32768"
net.inet.ip.portrange.last="65535"
In gratitude to the discussion I found in the forum, its reposted and message re-arranged here in summary below:
Question:
Why squid is so slow?
Answer:
The default configuration of pfSense is a router not as a server, that is why kern.ipc.nmbclusters="0". Simply remove this line and Squid will be just fine.
Add the lines below to the /boot/loader.conf
kern.ipc.nmbclusters=32768
kern.maxfiles=65536
kern.maxfilesperproc=32768
net.inet.ip.portrange.last=65535
Alternatively, just delete it and replace with:
autoboot_delay="1"
#kern.ipc.nmbclusters="0"
hint.apic.0.disabled=1
kern.hz=100
#for squid
kern.ipc.nmbclusters="32768"
kern.maxfiles="65536"
kern.maxfilesperproc="32768"
net.inet.ip.portrange.last="65535"
Subscribe to:
Posts (Atom)