squid
selinux 설정
# 기본적으로 squid는 아래 포트를 사용한다. semanage port -l | grep -w -i squid_port_t squid_port_t tcp 3128, 3401, 4827 squid_port_t udp 3401, 4827 # 포트를 10000으로 변경했을경우 해당 포트에 태깅 추가 semanage port -a -t squid_port_t -p tcp 10000
cache_dir 매개변수에서 /var/spool/squid/ 와 다른 캐시 디렉터리를 설정하는 경우
디렉토리 권한 설정 후 selinux 컨텍스트를 설정한다.
$ chown squid:squid path_to_cache_directory $ semanage fcontext -a -t squid_cache_t "path_to_cache_directory(/.*)?" $ restorecon -Rv path_to_cache_directory
방화벽 구성은 아래와 같이 설정한다.
$ firewall-cmd --permanent --add-port=3128/tcp $ firewall-cmd --reload $ systemctl enable --now squid
동작 테스트
$ curl -O -L "https://www.redhat.com/index.html" -x "proxy.example.com:3128"
2-teer hierachical proxy
아래처럼 구성하려고 할 때 squid.conf에 cache_peer설정을 하면 된다.
/etc/squid/squid.conf
# # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # cache_peer 172.16.0.11 parent 3128 0 no-query no-digest never_direct allow all
참조링크
squidclient 사용법
squidclient -p <port> mgr:menu 명령어는 조회가능한 관리 메뉴 목록을 나열한다.
[root@proxy-a ~]# squidclient mgr:menu HTTP/1.1 200 OK Server: squid/5.5 Mime-Version: 1.0 Date: Thu, 13 Feb 2025 05:23:36 GMT Content-Type: text/plain;charset=utf-8 Expires: Thu, 13 Feb 2025 05:23:36 GMT Last-Modified: Thu, 13 Feb 2025 05:23:36 GMT X-Cache: MISS from proxy-a X-Cache-Lookup: MISS from proxy-a:3128 Via: 1.1 proxy-a (squid/5.5) Connection: close index Cache Manager Interface public menu Cache Manager Menu public offline_toggle Toggle offline_mode setting hidden shutdown Shut Down the Squid Process hidden reconfigure Reconfigure Squid hidden rotate Rotate Squid Logs hidden cached_ssl_cert Statistic of cached generated ssl certificates public pconn Persistent Connection Utilization Histograms public mem Memory Utilization public squidaio_counts Async IO Function Counters public diskd DISKD Stats public config Current Squid Configuration hidden client_list Cache Client List public comm_epoll_incoming comm_incoming() stats public ipcache IP Cache Stats and Contents public fqdncache FQDN Cache Stats and Contents public idns Internal DNS Statistics public redirector URL Redirector Stats public store_id StoreId helper Stats public external_acl External ACL stats public http_headers HTTP Header Statistics public info General Runtime Information public service_times Service Times (Percentiles) public filedescriptors Process Filedescriptor Allocation public objects All Cache Objects public vm_objects In-Memory and In-Transit Objects public io Server-side network read() size histograms public counters Traffic and Resource Counters public peer_select Peer Selection Algorithms public digest_stats Cache Digest and ICP blob public 5min 5 Minute Average of Counters public 60min 60 Minute Average of Counters public utilization Cache Utilization public histograms Full Histogram Counts public active_requests Client-side Active Requests public username_cache Active Cached Usernames public openfd_objects Objects with Swapout files open public store_digest Store Digest public store_log_tags Histogram of store.log tags public storedir Store Directory Stats public store_io Store IO Interface Stats public store_check_cachable_stats storeCheckCachable() Stats public refresh Refresh Algorithm Statistics public delay Delay Pool Levels public forward Request Forwarding Statistics public cbdata Callback Data Registry Contents public sbuf String-Buffer statistics public events Event Queue public asndb AS Number Database public carp CARP information public userhash peer userhash information public sourcehash peer sourcehash information public server_list Peer Cache Statistics public
squid 메모리 현황
대표적인 관리 메뉴중 하나로 현재 동작중인 squid의 메모리 사용 현황을 조회할 수 있다.
squidclient -p <port> mgr:mem
[root@proxy-a ~]# squidclient mgr:mem HTTP/1.1 200 OK Server: squid/5.5 Mime-Version: 1.0 Date: Thu, 13 Feb 2025 05:24:42 GMT Content-Type: text/plain;charset=utf-8 Expires: Thu, 13 Feb 2025 05:24:42 GMT Last-Modified: Thu, 13 Feb 2025 05:24:42 GMT X-Cache: MISS from proxy-a X-Cache-Lookup: MISS from proxy-a:3128 Via: 1.1 proxy-a (squid/5.5) Connection: close Current memory usage: Pool Obj Size Chunks Allocated In Use Idle Allocations Saved Rate (bytes) KB/ch obj/ch (#) used free part %Frag (#) (KB) high (KB) high (hrs) %Tot (#) (KB) high (KB) high (hrs) %alloc (#) (KB) high (KB) (#) %cnt %vol (#)/sec mem_node 4136 431 1741 2093 70.19 37.370 315 1273 2093 70.19 73.086 116 469 1192 2190 0.285 11.758 0.013 16KB Strings 16384 39 624 624 70.19 13.395 1 16 624 70.19 2.564 38 608 624 242 0.031 5.147 0.009 cbdata clientReplyContext (10) 4360 76 324 324 70.13 6.947 9 39 324 70.13 11.842 67 286 290 484 0.063 2.739 0.009 4KB Strings 4096 80 320 320 70.19 6.869 1 4 320 70.19 1.250 79 316 320 619 0.081 3.291 0.009 Stream 4224 68 281 281 70.19 6.021 1 5 281 70.19 1.471 67 277 281 492 0.064 2.698 0.009 HttpRequest 1872 136 249 249 70.19 5.337 52 96 249 70.19 38.235 84 154 156 546 0.071 1.327 0.009 Long Strings 512 356 178 178 70.13 3.821 198 99 178 70.13 55.618 158 79 80 2363 0.307 1.571 0.037 Short Strings 40 3393 133 204 70.18 2.845 3253 128 204 70.18 95.874 140 6 47 55577 7.231 2.886 0.741 MemBlob 48 1661 78 118 70.18 1.671 1488 70 118 70.18 89.585 173 9 30 45025 5.858 2.805 0.372 cbdata idns_query (16) 8704 9 77 77 70.06 1.642 0 0 77 70.06 0.000 9 77 77 502 0.065 5.672 0.000 HttpReply 296 221 64 64 70.13 1.371 143 42 64 70.13 64.706 78 23 23 1044 0.136 0.401 0.028 cbdata Server (8) 776 80 61 61 70.19 1.301 1 1 61 70.19 1.250 79 60 61 344 0.045 0.347 0.009 HttpHeaderEntry 56 1101 61 98 70.18 1.293 1079 60 98 70.18 98.002 22 2 34 9374 1.220 0.681 0.194 Medium Strings 128 440 55 55 70.13 1.181 315 40 55 70.13 71.591 125 16 19 11984 1.559 1.991 0.000 MemObject 328 144 47 47 70.05 0.990 143 46 47 70.05 99.306 1 1 2 216 0.028 0.092 0.009 2K Buffer 2048 20 40 40 70.21 0.859 3 6 40 70.21 15.000 17 34 34 2211 0.288 5.878 0.037 cbdata IdleConnList (25) 4168 9 37 37 70.05 0.786 0 0 37 70.05 0.000 9 37 37 64 0.008 0.346 0.000 cbdata TunnelStateData (14) 496 66 32 32 70.14 0.686 0 0 32 70.14 0.000 66 32 32 285 0.037 0.183 0.000 cbdata ipcache_entry (3) 200 160 32 32 69.72 0.671 160 32 32 69.72 100.000 0 0 2 123 0.016 0.032 0.000 cbdata ClientHttpRequest (9) 408 68 28 28 70.19 0.582 1 1 28 70.19 1.471 67 27 28 492 0.064 0.261 0.009 cbdata HappyConnOpener (17) 376 68 25 25 70.13 0.536 0 0 25 70.13 0.000 68 25 25 476 0.062 0.232 0.000 MimeEntry 144 177 25 25 70.26 0.534 177 25 25 70.26 100.000 0 0 0 0 0.000 0.000 0.000 StoreEntry 120 157 19 19 70.05 0.395 156 19 19 70.05 99.363 1 1 1 210 0.027 0.033 0.009 cbdata clientStreamNode (11) 128 136 17 17 70.19 0.365 2 1 17 70.19 1.471 134 17 17 984 0.128 0.163 0.018 8K Buffer 8192 2 16 16 70.19 0.343 0 0 16 70.19 0.000 2 16 16 55 0.007 0.585 0.000 16K Buffer 16384 1 16 16 70.13 0.343 0 0 16 70.13 0.000 1 16 16 1 0.000 0.021 0.000 Comm::Connection 216 64 14 86 70.19 0.290 2 1 86 70.19 3.125 62 14 65 3021 0.393 0.847 0.009 HttpHdrCc 96 90 9 9 70.21 0.181 58 6 9 70.21 64.444 32 3 4 375 0.049 0.047 0.000 cbdata HttpStateData (24) 368 23 9 9 70.19 0.177 0 0 9 70.19 0.000 23 9 9 165 0.021 0.079 0.000 cbdata store_client (22) 296 25 8 8 70.19 0.155 1 1 8 70.19 4.000 24 7 8 242 0.031 0.093 0.009 cbdata FwdState (23) 304 24 8 8 70.19 0.153 0 0 8 70.19 0.000 24 8 8 169 0.022 0.067 0.000 ResolvedPeers 72 68 5 5 70.13 0.103 0 0 5 70.13 0.000 68 5 5 476 0.062 0.044 0.000 LRU policy node 24 194 5 5 70.13 0.098 193 5 5 70.13 99.485 1 1 1 64 0.008 0.002 0.000 4K Buffer 4096 1 4 4 70.19 0.086 0 0 4 70.19 0.000 1 4 4 62 0.008 0.330 0.000 cbdata ConnOpener (18) 144 25 4 4 70.19 0.075 0 0 4 70.19 0.000 25 4 4 617 0.080 0.115 0.000 MD5 digest 16 157 3 3 70.05 0.053 156 3 3 70.05 99.363 1 1 1 509 0.066 0.011 0.009 BodyPipe 136 16 3 3 70.21 0.046 0 0 3 70.21 0.000 16 3 3 44 0.006 0.008 0.000 cbdata PeerSelector (15) 296 7 3 3 70.22 0.043 0 0 3 70.22 0.000 7 3 3 537 0.070 0.206 0.000 1KB Strings 1024 2 2 2 70.26 0.043 0 0 2 70.26 0.000 2 2 2 56 0.007 0.074 0.000 cbdata UFSStoreState (26) 328 5 2 2 70.19 0.034 0 0 2 70.19 0.000 5 2 2 125 0.016 0.053 0.000 cbdata ErrorState (20) 272 6 2 2 70.22 0.034 0 0 2 70.22 0.000 6 2 2 279 0.036 0.099 0.000 AndNode 120 13 2 2 70.26 0.033 13 2 2 70.26 100.000 0 0 0 0 0.000 0.000 0.000 acl_ip_data 96 15 2 2 70.26 0.030 15 2 2 70.26 100.000 0 0 1 2 0.000 0.000 0.000 cbdata Tree (1) 176 7 2 2 70.26 0.026 7 2 2 70.26 100.000 0 0 0 0 0.000 0.000 0.000 ClientInfo 464 2 1 1 70.22 0.019 2 1 1 70.22 100.000 0 0 0 0 0.000 0.000 0.000 cbdata RebuildState (5) 920 1 1 1 70.26 0.019 0 0 1 70.26 0.000 1 1 1 0 0.000 0.000 0.000 fqdncache_entry 160 5 1 1 70.22 0.017 3 1 1 70.22 60.000 2 1 1 14 0.002 0.003 0.000 ACLStrategised 120 5 1 1 70.26 0.013 5 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 ev_entry 48 12 1 1 70.25 0.012 10 1 1 70.25 83.333 2 1 1 595617 77.498 37.112 2.350 cbdata ACLFilledChecklist (13) 504 1 1 1 70.25 0.011 1 1 1 70.25 100.000 0 0 1 559 0.073 0.366 0.009 cbdata BlockingFile (27) 88 5 1 1 70.19 0.009 0 0 1 70.19 0.000 5 1 1 125 0.016 0.014 0.000 RefreshPattern 144 3 1 1 70.26 0.009 3 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 cbdata Logfile (4) 352 1 1 1 70.26 0.007 1 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 ACLSslErrorData 64 5 1 1 70.26 0.007 5 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 ACLSourceIP 104 3 1 1 70.26 0.007 3 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 ACLStrategised 120 2 1 1 70.26 0.005 2 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 NotNode 120 2 1 1 70.26 0.005 2 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 FwdServer 32 7 1 1 70.22 0.005 0 0 1 70.22 0.000 7 1 1 537 0.070 0.022 0.000 cbdata RemovalPolicy (2) 104 2 1 1 70.26 0.004 2 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 cbdata LocalSearch (7) 80 2 1 1 70.26 0.003 1 1 1 70.26 50.000 1 1 1 70 0.009 0.007 0.000 cbdata generic_cbdata (21) 32 5 1 1 70.19 0.003 0 0 1 70.19 0.000 5 1 1 142 0.018 0.006 0.000 ACLStrategised 120 1 1 1 70.26 0.003 1 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 ACLStrategised 120 1 1 1 70.26 0.003 1 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 ACLDestinationIP 112 1 1 1 70.26 0.002 1 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 cbdata ClientRequestContext (12) 112 1 1 1 70.25 0.002 0 0 1 70.25 0.000 1 1 1 559 0.073 0.081 0.009 cbdata TcpAcceptor (6) 104 1 1 1 70.26 0.002 1 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 cbdata CbDataList (29) 96 1 1 1 70.19 0.002 0 0 1 70.19 0.000 1 1 1 215 0.028 0.027 0.000 cbdata WriteRequest (28) 80 1 1 1 70.21 0.002 0 0 1 70.21 0.000 1 1 1 2810 0.366 0.292 0.000 StoreSwapLogData 72 1 1 1 70.26 0.002 0 0 1 70.26 0.000 1 1 1 170 0.022 0.016 0.000 cbdata MemBuf (19) 72 1 1 1 70.25 0.002 0 0 1 70.25 0.000 1 1 1 551 0.072 0.051 0.009 cbdata RemovalPolicyWalker (30) 56 1 1 1 62.40 0.001 0 0 1 62.40 0.000 1 1 1 0 0.000 0.000 0.000 dwrite_q 48 1 1 1 70.26 0.001 0 0 1 70.26 0.000 1 1 1 2982 0.388 0.186 0.000 CacheDigest 40 1 1 1 70.26 0.001 1 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 ACLRegexData 32 1 1 1 70.26 0.001 1 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 ACLMethodData 32 1 1 1 70.26 0.001 1 1 1 70.26 100.000 0 0 0 0 0.000 0.000 0.000 StoreMetaMD5 32 1 1 1 70.21 0.001 0 0 1 70.21 0.000 1 1 1 129 0.017 0.005 0.000 StoreMetaSTDLFS 32 1 1 1 70.21 0.001 0 0 1 70.21 0.000 1 1 1 129 0.017 0.005 0.000 StoreMetaURL 32 1 1 1 70.21 0.001 0 0 1 70.21 0.000 1 1 1 129 0.017 0.005 0.000 StoreMetaObjSize 32 1 1 1 70.21 0.001 0 0 1 70.21 0.000 1 1 1 104 0.014 0.004 0.000 StoreMetaVary 32 1 1 1 70.19 0.001 0 0 1 70.19 0.000 1 1 1 50 0.007 0.002 0.000 SysErrorDetail 32 1 1 1 70.15 0.001 0 0 1 70.15 0.000 1 1 1 0 0.000 0.000 0.000 Total 1 9924 4659 5096 70.19 100.000 7990 2016 3583 70.13 43.274 1934 2643 2749 747538 97.265 91.422 1012.782 Cumulative allocated volume: 77.04 MB Current overhead: 26284 bytes (1.273%) Idle pool limit: 5.00 MB Total Pools created: 84 Pools ever used: 81 (shown above) Currently in use: 48 String Pool Impact (%strings) (%volume) Short Strings 86 45 Medium Strings 8 14 Long Strings 5 35 1KB Strings 0 0 4KB Strings 0 1 16KB Strings 0 6 Other Strings 0 0 Large buffers: 0 (0 KB)
동작 정보
squidclient -p <port> mgr:info
[root@proxy-a ~]# squidclient mgr:info HTTP/1.1 200 OK Server: squid/5.5 Mime-Version: 1.0 Date: Thu, 13 Feb 2025 05:25:01 GMT Content-Type: text/plain;charset=utf-8 Expires: Thu, 13 Feb 2025 05:25:01 GMT Last-Modified: Thu, 13 Feb 2025 05:25:01 GMT X-Cache: MISS from proxy-a X-Cache-Lookup: MISS from proxy-a:3128 Via: 1.1 proxy-a (squid/5.5) Connection: close Squid Object Cache: Version 5.5 Build Info: Service Name: squid Start Time: Mon, 10 Feb 2025 07:08:49 GMT Current Time: Thu, 13 Feb 2025 05:25:01 GMT Connection information for squid: Number of clients accessing cache: 2 Number of HTTP requests received: 560 Number of ICP messages received: 0 Number of ICP messages sent: 0 Number of queued ICP replies: 0 Number of HTCP messages received: 0 Number of HTCP messages sent: 0 Request failure ratio: 0.00 Average HTTP requests per minute since start: 0.1 Average ICP messages per minute since start: 0.0 Select loop called: 657258 times, 384.889 ms avg Cache information for squid: Hits as % of all requests: 5min: 0.0%, 60min: 0.0% Hits as % of bytes sent: 5min: 100.0%, 60min: 100.0% Memory hits as % of hit requests: 5min: 0.0%, 60min: 0.0% Disk hits as % of hit requests: 5min: 0.0%, 60min: 0.0% Storage Swap size: 10544 KB Storage Swap capacity: 10.3% used, 89.7% free Storage Mem size: 1256 KB Storage Mem capacity: 0.5% used, 99.5% free Mean Object Size: 102.37 KB Requests given to unlinkd: 34 Median Service Times (seconds) 5 min 60 min: HTTP Requests (All): 0.00000 0.00000 Cache Misses: 0.00000 0.00000 Cache Hits: 0.00000 0.00000 Near Hits: 0.00000 0.00000 Not-Modified Replies: 0.00000 0.00000 DNS Lookups: 0.00000 0.00000 ICP Queries: 0.00000 0.00000 Resource usage for squid: UP Time: 252971.655 seconds CPU Time: 27.644 seconds CPU Usage: 0.01% CPU Usage, 5 minute avg: 0.01% CPU Usage, 60 minute avg: 0.01% Maximum Resident Size: 159744 KB Page faults with physical i/o: 2 Memory accounted for: Total accounted: 4658 KB memPoolAlloc calls: 747712 memPoolFree calls: 760771 File descriptor usage for squid: Maximum number of file descriptors: 16384 Largest file desc currently in use: 17 Number of file desc currently in use: 9 Files queued for open: 0 Available number of file descriptors: 16375 Reserved number of file descriptors: 100 Store Disk files open: 0 Internal Data Structures: 156 StoreEntries 143 StoreEntries with MemObjects 90 Hot Object Cache Items 103 on-disk objects
로그인하면 댓글을 남길 수 있습니다.