How to control squid bugs?

Taking care of your Linux box.
Post Reply
asaddotcom
Company Havaldaar Major
Posts: 195
Joined: Fri Feb 04, 2005 7:21 pm
Location: Lahore, PK
Contact:

How to control squid bugs?

Post by asaddotcom »

Assalam-O-Alaikum!

I m facing squid problem, when these logs comes in access.log file
1254940695.716 1 192.168.1.2 TCP_MISS/000 0 GET http://v102.ru/ - DIRECT/v102.ru -
1254940695.720 2 192.168.1.2 TCP_MISS/000 0 GET http://v102.ru/ - DIRECT/v102.ru -
and these logs continually run, and clint side speed goes very slow, even i am not able to open www.orkut.com page. after entering this site address, later on error message appear
ERROR
The requested URL could not be retrieved

The following error was encountered while trying to retrieve the URL: http://www.orkut.com/

Connection to 74.125.79.85 failed.

The system returned: (110) Connection timed out

The remote host or network may be down. Please try the request again.

Your cache administrator is root.
I think my some of clints computer is infectet with virus which automatically broadcast and send bulk requests and then these logs generate...

please tell me any solution, how can i control these kind of bugs, which make my squid/browsing speed slow???

regards.
Thanking You...

ครค๔
www.apnicollection.com | www.wikisoft.pk
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Post by lambda »

the solution is obvious: fix the client machine.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
asaddotcom
Company Havaldaar Major
Posts: 195
Joined: Fri Feb 04, 2005 7:21 pm
Location: Lahore, PK
Contact:

RE:

Post by asaddotcom »

Dear Lambda,

Its not a good advice from good administrators.. who will say us engineer, if we can't fix it on our server.
lambda wrote:the solution is obvious: fix the client machine.
I have huge number of clints, so not possible to fix them all.

regards.
Thanking You...

ครค๔
www.apnicollection.com | www.wikisoft.pk
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Post by lambda »

Its not a good advice from good administrators..
not every problem can be solved on the server, asad.
who will say us engineer, if we can't fix it on our server.
is that really how you think, asad? is that what makes someone an engineer -- the ability to solve other people's problems on the server?

you can add acls to match the requests and deny them. that will not stop the clients from sending the hundreds or thousands of requests to your proxy, though. your server's bandwidth and processing power (cpu) will still be wasted.

a similar example: if thousands of clients were pinging your server, would adding an iptables rule to block pings help you? the clients would still fill up your bandwidth with incoming ping packets, and your server's processor would still waste cpu cycles trying to block them. what would you gain in the end?

your only real solution is to the fix the clients.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
osama1
Lance Naik
Posts: 33
Joined: Fri Jul 17, 2009 10:02 am

Post by osama1 »

Post Reply