ok i just disabled all the rules and it works for me now ill test
which rule is making a problem and let you know also.
Thanks
On Mon, Apr 23, 2012 at 11:20 PM, Muhammad Yousuf Khan <sirtcp_at_gmail.com> wrote:
> here is the log for bbc.co.uk . first and last msg of log
>
> so you can see the time delay.
>
> 335205033.183 841 10.51.100.240 TCP_MISS/200 24506 GET
> http://www.bbc.co.uk/ - DIRECT/212.58.244.66 text/html
> 1335205057.936 328 10.51.100.240 TCP_REFRESH_HIT/304 435 GET
> http://static.bbci.co.uk/wwhomepage-3.5/1.0.41/img/broadcast-sprite.png
> - DIRECT/80.239.148.70 image/png
>
>
> On Mon, Apr 23, 2012 at 11:12 PM, Muhammad Yousuf Khan <sirtcp_at_gmail.com> wrote:
>> Here you go with my squid.conf
>>
>> acl all src all
>> acl manager proto cache_object
>> acl localhost src 127.0.0.1/32
>> acl to_localhost dst 127.0.0.0/8
>> acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
>> acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
>> acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
>> acl SSL_ports port 443 # https
>> acl SSL_ports port 563 # snews
>> acl SSL_ports port 873 # rsync
>> acl Safe_ports port 80 # http
>> acl Safe_ports port 21 # ftp
>> acl Safe_ports port 443 # https
>> acl Safe_ports port 70 # gopher
>> acl Safe_ports port 210 # wais
>> acl Safe_ports port 1025-65535 # unregistered ports
>> acl Safe_ports port 280 # http-mgmt
>> acl Safe_ports port 488 # gss-http
>> acl Safe_ports port 591 # filemaker
>> acl Safe_ports port 777 # multiling http
>> acl Safe_ports port 631 # cups
>> acl Safe_ports port 873 # rsync
>> acl Safe_ports port 901 # SWAT
>> acl purge method PURGE
>> acl CONNECT method CONNECT
>>
>> # sqstat
>> acl manager proto cache_object
>> acl webserver src 10.51.100.206/255.255.255.255
>> http_access allow manager webserver
>> http_access deny manager
>>
>>
>>
>> # Skype
>> acl numeric_IPs dstdom_regex
>> ^(([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)|(\[([0-9af]+)?:([0-9af:]+)?:([0-9af]+)?\])):443
>> acl Skype_UA browser ^skype
>> acl validUserAgent browser \S+
>>
>> # for cheetah only
>>
>> #acl usman src 10.51.100.107
>> #delay_pools 1
>> #delay_class 1 1
>> #delay_parameters 1 22000/22000
>> #delay_access 1 allow usman
>>
>>
>>
>> #-------------Allow All ACL-------------
>> acl aci_lan src 10.51.100.0/24
>> acl aci_general src 10.51.100.0/24
>>
>>
>> #----My ip
>> acl my_ip src 10.51.100.240
>> http_access allow my_ip
>>
>>
>>
>> # Testing delay pool
>> delay_pools 1
>> delay_class 1 1
>> delay_parameters 1 22000/10240000
>> delay_access 1 allow aci_general
>>
>>
>>
>>
>> #---------------------Assurety Whitelist---------------
>> acl aci_whitelist dstdomain "/blocklist/aci_list/whitelist"
>> http_access allow aci_whitelist
>>
>> #--Senior Allow Domainlist------------------------------
>> acl aci_seniors dstdomain "/blocklist/aci_list/whitelist_seniors"
>> #---------------------------------------------------------#See
>> implimentation in ACI implimentation section
>>
>> #--------------------Assurety Hard_Block--------------
>> acl aci_hard_block dstdomain "/blocklist/aci_list/hard_block_domains"
>> http_access deny aci_hard_block
>>
>> #--------------------Hard_Block EXE and E.T.C---------------------
>> #acl mime_block_hard rep_mime_type -i "/blocklist/aci_list/hard_mime_block"
>> #http_reply_access deny mime_block_hard
>>
>>
>> #--General------Streaming Block------------------------------
>> acl mime_block rep_mime_type -i "/blocklist/aci_list/time_mime_block"
>>
>> #--General Domainlist------------------------------
>> acl aci_dest dstdomain "/blocklist/aci_list/time_block_domains"
>>
>> #--Seniors MAC list mouting------------------------------
>> acl aci_mac_seniors arp "/blocklist/aci_list/mac_list_seniors"
>>
>> #--General Timing------------ Normal Days Working hours--------------
>> acl aci_working_hours time MTWH 10:04-13:04
>> acl aci_working_hours time MTWH 14:04-18:04
>> #--General Timing-------------Friday------------------------
>> acl aci_working_hours time F 10:04-13:04
>> acl aci_working_hours time F 15:04-18:04
>>
>> #--General/Seniors-------------Implimentation------------------
>> http_access allow aci_seniors aci_mac_seniors
>> http_access deny aci_dest aci_working_hours aci_general
>> http_reply_access deny mime_block aci_working_hours aci_general !my_ip
>>
>> #skype deny
>> http_access deny numeric_IPS aci_working_hours
>> http_access deny Skype_UA aci_working_hours
>> http_access deny !validUserAgent aci_working_hours
>>
>>
>>
>>
>>
>> #Error Directory by Ykhan
>> error_directory /usr/share/squid/errors/en-us/
>> #------------------------TheEnd----------------------
>> http_access allow aci_lan
>>
>>
>>
>> http_access allow manager localhost
>> http_access deny manager
>> http_access allow purge localhost
>> http_access deny purge
>> http_access deny !Safe_ports
>> http_access deny CONNECT !SSL_ports
>> http_access allow localhost
>> http_access deny all
>> icp_access allow localnet
>> icp_access deny all
>> http_port 3128
>> hierarchy_stoplist cgi-bin ?
>> access_log /var/log/squid/access.log squid
>> refresh_pattern ^ftp: 1440 20% 10080
>> refresh_pattern ^gopher: 1440 0% 1440
>> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
>> refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880
>> refresh_pattern . 0 20% 4320
>> acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]
>> upgrade_http0.9 deny shoutcast
>> acl apache rep_header Server ^Apache
>> broken_vary_encoding allow apache
>> extension_methods REPORT MERGE MKACTIVITY CHECKOUT
>> hosts_file /etc/hosts
>> coredump_dir /var/spool/squid
>>
>> ##ykhan squid redirection to squidguard
>>
>> #redirect_program /usr/bin/squidGuard
>> #url_rewrite_program /usr/bin/squidGuard
>> #url_rewrite_children 5
>>
>>
>> On Mon, Apr 23, 2012 at 8:42 PM, Eliezer Croitoru <eliezer_at_ngtech.co.il> wrote:
>>> On 23/04/2012 18:38, Muhammad Yousuf Khan wrote:
>>>>
>>>> well i have been experiencing slow Internet browsing. not very slow
>>>> but comparatively slower then IPCOP firewall. i can not understand how
>>>> come i diagnose the issue.
>>>> i mean. i increase the RAM , i checked the DNS every thing is fine but
>>>> my browser stuck at "connecting" ones it start download it do it fast
>>>> but then stop for something then start. i am not getting the clear
>>>> picture. can anyone help
>>>>
>>>> i am suing debian 6.0.4 with 2.7 stable squid.
>>>>
>>>> Thanks,
>>>>
>>>> MYK
>>>
>>> what is your exact problem? slow downloads?
>>> what is your squid setup?transparent ?regular forward proxy?
>>> what browser are you using?
>>> do you have some squid logs? or squid.conf?
>>> what dns server are you using?
>>>
>>> Regards,
>>> Eliezer
>>>
>>> --
>>> Eliezer Croitoru
>>> https://www1.ngtech.co.il
>>> IT consulting for Nonprofit organizations
>>> eliezer <at> ngtech.co.il
Received on Tue Apr 24 2012 - 06:06:13 MDT
This archive was generated by hypermail 2.2.0 : Tue Apr 24 2012 - 12:00:04 MDT