I'm not sure if this is right or not, but wouldn't your refresh patterns
need to have the "ignore-private" to cache ssl? Amos may know better, but I
don't see that option specified in your "All Files" refresh_patterns.
-----Original Message-----
From: Ragheb Rustom [mailto:ragheb_at_smartelecom.org]
Sent: Monday, August 25, 2014 5:12 PM
To: squid-users_at_squid-cache.org
Subject: [squid-users] FW: squid 3.3.10 always gives TCP_MISS for SSL
requests
Dear All,
I have lately installed squid 3.3.11 on Centos 6.5 x86_64 system. I have
configured it as a transparent SSL_BUMP proxy. All is working well I can
browse all SSL websites successfully after I have imported my generated CA
file. The problem is that no matter how many times I request the SSL
websites I always get a TCP_MISS in the squid access log. Among other
websites I am trying to cache yahoo.com, facebook and youtube but most
websites are always being served directly from source nothing is being
served for the squid proxy. Please find below my configuration files. I
deeply value any help on this matter.
Squid setup settings:
Squid Cache: Version 3.3.11
configure options: '--build=x86_64-redhat-linux-gnu'
'--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu'
'--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr'
'--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc'
'--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64'
'--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib'
'--mandir=/usr/share/man' '--infodir=/usr/share/info' '--exec_prefix=/usr'
'--libexecdir=/usr/lib64/squid' '--localstatedir=/var'
'--datadir=/usr/share/squid' '--sysconfdir=/etc/squid'
'--with-logdir=$(localstatedir)/log/squid'
'--with-pidfile=$(localstatedir)/run/squid.pid'
'--disable-dependency-tracking' '--enable-eui'
'--enable-follow-x-forwarded-for' '--enable-auth'
'--enable-auth-basic=DB,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB,getpwnam'
'--enable-auth-ntlm=smb_lm,fake'
'--enable-auth-digest=file,LDAP,eDirectory'
'--enable-auth-negotiate=kerberos,wrapper'
'--enable-external-acl-helpers=wbinfo_group,kerberos_ldap_group,AD_group'
'--enable-cache-digests' '--enable-cachemgr-hostname=localhost'
'--enable-delay-pools' '--enable-epoll' '--enable-icap-client'
'--enable-ident-lookups' '--enable-linux-netfilter'
'--enable-removal-policies=heap,lru' '--enable-snmp' '--enable-ssl'
'--enable-ssl-crtd' '--enable-storeio=aufs,diskd,ufs,rock'
'--enable-wccpv2' '--enable-esi' '--enable-zph-qos' '--with-aio'
'--with-default-user=squid' '--with-filedescriptors=65535' '--with-dl'
'--with-openssl' '--with-pthreads' '--disable-arch-native'
'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu'
'target_alias=x86_64-redhat-linux-gnu' 'CFLAGS=-O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
--param=ssp-buffer-size=4 -m64 -mtune=generic' 'CXXFLAGS=-O2 -g -pipe -Wall
-Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
--param=ssp-buffer-size=4 -m64 -mtune=generic -fPIC'
'PKG_CONFIG_PATH=/usr/lib64/pkgconfig:/usr/share/pkgconfig'
squid.conf file:
acl snmppublic snmp_community public
acl bamboe src 10.128.135.0/24
#uncomment noway url, if necessary.
#acl noway url_regex -i "/etc/squid/noway"
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 1935 # http acl Safe_ports port 21 #
ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais acl Safe_ports port
1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http acl Safe_ports port 591 #
filemaker acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#http_access deny noway
http_access allow manager localhost
http_access allow bamboe
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
htcp_access deny all
miss_access allow all
# NETWORK OPTIONS
http_port 8080
http_port 8082 intercept
https_port 8081 intercept ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=8MB cert=/etc/squid/myconfigure.pem
key=/etc/squid/myconfigure.pem ssl_bump server-first all always_direct allow
all sslproxy_cert_error allow all sslproxy_flags DONT_VERIFY_PEER
sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 8MB
sslcrtd_children 5 hierarchy_stoplist cgi-bin ? .js .jsp mivo.tv
192.168.10.29 192.168.10.30 static.videoku.tv acl QUERY urlpath_regex
cgi-bin \? .js .jsp 192.168.10.29 192.168.10.30 youtube.com indowebster.com
static.videoku.tv no_cache deny QUERY
# MEMORY CACHE OPTIONS
cache_mem 6000 MB
maximum_object_size_in_memory 16 KB
memory_replacement_policy heap GDSF
# DISK CACHE OPTIONS
cache_replacement_policy heap LFUDA
cache_dir aufs /cache1 300000 64 256
store_dir_select_algorithm least-load
minimum_object_size 16 KB
maximum_object_size 2 GB
cache_swap_low 97
cache_swap_high 99
#LOGFILE OPTIONS
access_log stdio:/var/log/squid/access.log cache_log
/var/log/squid/cache.log cache_store_log none cache_swap_log
/cache1/swap.state logfile_rotate 5 log_icp_queries off buffered_logs off
#OPTIONS FOR TUNING THE CACHE
refresh_pattern -i \.swf$ 20160 80% 20160 override-expire override-lastmod
reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.gif$ 20160 80% 20160 override-expire override-lastmod
reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.jpg$ 20160 80% 20160 override-expire override-lastmod
reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.jpeg$ 20160 80% 20160 override-expire override-lastmod
reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern -i \.exe$ 20160 80% 20160 override-expire override-lastmod
reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
# 1 year = 525600 mins, 1 month = 20160 mins, 1 day = 1440 refresh_pattern
^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.ad
brite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xte
ndmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-a
dvertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adse
rving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 20160 20%
20160 ignore-no-cache ignore-private override-expire ignore-reload
ignore-auth refresh_pattern ^.*safebrowsing.*google
20160 80% 20160 override-expire ignore-reload ignore-no-cache ignore-private
ignore-auth refresh_pattern
^https://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk)
20160 80% 20160 override-expire ignore-reload ignore-private refresh_pattern
ytimg\.com 20160 80%
20160 override-expire ignore-reload
refresh_pattern images\.friendster\.com.*\.(png|gif)
20160 80% 20160 override-expire ignore-reload refresh_pattern garena\.com
20160 80% 20160 override-expire reload-into-ims refresh_pattern
photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png)
20160 80% 20160 override-expire ignore-reload refresh_pattern
vid\.akm\.dailymotion\.com.*\.on2\?
20160 80% 20160 ignore-no-cache override-expire override-lastmod
refresh_pattern
mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 20160 80%
20160 reload-into-ims override-expire ignore-private refresh_pattern
^http:\/\/images|pics|thumbs[0-9]\.
20160 80% 20160 reload-into-ims ignore-no-cache ignore-reload
override-expire refresh_pattern ^http:\/\/www.onemanga.com.*\/
20160 80% 20160 reload-into-ims ignore-no-cache ignore-reload
override-expire refresh_pattern
^http://v\.okezone\.com/get_video\/([a-zA-Z0-9])
20160 80% 20160 override-expire ignore-reload ignore-no-cache ignore-private
ignore-auth override-lastmod #images facebook refresh_pattern -i
\.facebook.com 20160 80% 20160 ignore-reload
override-expire ignore-no-cache
# Facebook
refresh_pattern ((facebook.com)|(85.131.151.39)).*\.(jpg|png|gif|css)
20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3)
20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png)
20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern ^https:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)
20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3)
20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png)
20160 80% 20160 ignore-reload override-expire ignore-no-cache
refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png)
20160 80% 20160 ignore-reload override-expire ignore-no-cache
#All File
refresh_pattern -i
\.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 20160
80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i
\.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 20160
80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i
\.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 20160
80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims
refresh_pattern -i
\.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|sn
d|vob) 20160 80% 20160 ignore-no-cache override-expire
d|override-lastmod
reload-into-ims
refresh_pattern -i
\.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|
x-flv) 20160 80% 20160 ignore-no-cache override-expire override-lastmod
reload-into-ims refresh_pattern ^ftp: 1440 90% 201600
override-lastmod reload-into-ims refresh_pattern ^gopher: 1440
0% 1440 override-lastmod reload-into-ims refresh_pattern
(cgi-bin|\?) 0 0% 0 refresh_pattern . 1440
80% 201600 override-lastmod reload-into-ims quick_abort_min 64 KB
quick_abort_max 64 KB quick_abort_pct 95
shutdown_lifetime 10 seconds
half_closed_clients off
cache_effective_user squid
cache_effective_group squid
dns_nameservers 127.0.0.1 46.20.98.62 8.8.8.8 8.8.4.4 ipcache_size 2048
ipcache_low 90 ipcache_high 95
#another optimizing
memory_pools off
client_db on
coredump_dir /cache1
reload_into_ims on
balance_on_multiple_ip on
vary_ignore_expire on
pipeline_prefetch on
max_filedescriptors 65535
#MARKING ZPH for squid 3.1
qos_flows local-hit=0x30
extracts from access.log:
1409008205.780 55164 10.128.135.3 TCP_MISS/200 602 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008262.400 55233 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008318.273 55166 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008374.149 55167 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008400.029 215 10.128.135.3 TCP_MISS/200 1640 POST
https://tools.google.com/service/update2? - HIER_DIRECT/173.194.35.2
text/xml
1409008430.036 55169 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008462.103 225 10.128.135.3 TCP_MISS/200 1580 POST
https://www.facebook.com/ajax/chat/buddy_list.php -
HIER_DIRECT/31.13.93.17 application/x-javascript
1409008485.934 55164 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008541.849 55166 10.128.135.3 TCP_MISS/200 602 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008598.386 55165 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008654.275 55166 10.128.135.3 TCP_MISS/200 602 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008710.154 55168 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008716.949 194 10.128.135.3 TCP_MISS/200 412 GET
https://clients3.google.com/crsignal/client? - HIER_DIRECT/173.194.39.32
application/json
1409008762.710 166 10.128.135.3 TCP_MISS/200 1580 POST
https://www.facebook.com/ajax/chat/buddy_list.php -
HIER_DIRECT/31.13.81.97 application/x-javascript
1409008766.061 55167 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008824.407 55167 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008880.535 55165 10.128.135.3 TCP_MISS/200 602 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008936.620 55165 10.128.135.3 TCP_MISS/200 602 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409008992.479 55163 10.128.135.3 TCP_MISS/200 602 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009048.489 55233 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009063.325 288 10.128.135.3 TCP_MISS/200 1579 POST
https://www.facebook.com/ajax/chat/buddy_list.php -
HIER_DIRECT/31.13.80.49 application/x-javascript
1409009087.790 256 10.128.135.3 TCP_MISS/200 1471 POST
https://safebrowsing.google.com/safebrowsing/downloads? -
HIER_DIRECT/173.194.39.35 application/vnd.google.safebrowsing-update
1409009088.230 136 10.128.135.3 TCP_MISS/200 1742 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChVnb29nLWJhZGJpbnVy
bC1zaGF2YXIQARiJjQIgsI0CKgmNhgAA_____w8yBYmGAAAP -
HIER_DIRECT/173.194.35.103 application/vnd.google.safebrowsing-chunk
1409009088.562 56 10.128.135.3 TCP_MISS/200 1436 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChVnb29nLWJhZGJpbnVy
bC1zaGF2YXIQABiF6AEgmOgBKgYOdAAA_wcyBgV0AAD_AQ -
HIER_DIRECT/173.194.35.103 application/vnd.google.safebrowsing-chunk
1409009088.901 58 10.128.135.3 TCP_MISS/200 2762 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUt
c2hhdmFyEAEY-dYIIKDXCCoJgSsCAP____8AMgZ5KwIA_wA -
HIER_DIRECT/173.194.35.103 application/vnd.google.safebrowsing-chunk
1409009089.239 56 10.128.135.3 TCP_MISS/200 1945 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUt
c2hhdmFyEAAYhZQJIJiUCSoGDUoCAP8PMgYFSgIA_wA - HIER_DIRECT/173.194.35.103
application/vnd.google.safebrowsing-chunk
1409009089.589 59 10.128.135.3 TCP_MISS/200 659 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNo
YXZhchABGIGHCyCAjAsqVIXDAgD_______________________________________________
__________________________________________________________DzIFgcMCAA8 -
HIER_DIRECT/173.194.35.103 application/vnd.google.safebrowsing-chunk
1409009089.923 57 10.128.135.3 TCP_MISS/200 2635 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNo
YXZhchAAGIP5FCCM-RQyBoM8BQD_Aw - HIER_DIRECT/173.194.35.103
application/vnd.google.safebrowsing-chunk
1409009090.251 57 10.128.135.3 TCP_MISS/200 1117 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNo
YXZhchAAGI35FCCg-RQqB5A8BQD__wEyBY08BQAH - HIER_DIRECT/173.194.35.103
application/vnd.google.safebrowsing-chunk
1409009104.366 55165 10.128.135.3 TCP_MISS/200 1547 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009160.254 55164 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009216.115 55167 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009272.613 55591 10.128.135.3 TCP_MISS/200 602 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009329.063 55168 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009363.999 338 10.128.135.3 TCP_MISS/200 2916 POST
https://www.facebook.com/ajax/chat/buddy_list.php -
HIER_DIRECT/179.60.192.65 application/x-javascript
1409009384.920 55168 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009440.846 55167 10.128.135.3 TCP_MISS/200 602 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009496.713 55165 10.128.135.3 TCP_MISS/200 602 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009505.577 160 10.128.135.3 TCP_MISS/302 737 GET
https://nexus.officeapps.live.com/nexus/rules? -
HIER_DIRECT/137.117.165.100 text/plain
1409009506.362 757 10.128.135.3 TCP_MISS/200 70281 GET
https://nexus.officeapps.live.com/nexus/rules/_t789ltHouvFHfjsttlvpFjDHPGj
yxi6085tDM0Usuc - HIER_DIRECT/137.117.165.100
application/vnd.ms-nexus-rules-v2+xml
1409009512.443 223 10.128.135.3 TCP_MISS/200 1558 GET
https://outlook.linkedinlabs.com/osc/capabilities? -
HIER_DIRECT/54.84.41.245 text/xml
1409009552.593 55165 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009608.462 55165 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009664.563 55165 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009664.737 289 10.128.135.3 TCP_MISS/200 1579 POST
https://www.facebook.com/ajax/chat/buddy_list.php -
HIER_DIRECT/179.60.192.65 application/x-javascript
1409009720.453 55166 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009759.349 265 10.128.135.3 TCP_MISS/200 1355 POST
https://safebrowsing.google.com/safebrowsing/downloads? -
HIER_DIRECT/173.194.39.35 application/vnd.google.safebrowsing-update
1409009759.781 145 10.128.135.3 TCP_MISS/200 2190 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChVnb29nLWJhZGJpbnVy
bC1zaGF2YXIQARiJjQIgsI0CKgmOhgAA_____wcyBYmGAAAf -
HIER_DIRECT/173.194.35.99 application/vnd.google.safebrowsing-chunk
1409009759.849 57 10.128.135.3 TCP_MISS/200 1452 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChVnb29nLWJhZGJpbnVy
bC1zaGF2YXIQABiF6AEgmOgBKgYPdAAA_wMyBgV0AAD_Aw - HIER_DIRECT/173.194.35.99
application/vnd.google.safebrowsing-chunk
1409009759.915 57 10.128.135.3 TCP_MISS/200 1946 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUt
c2hhdmFyEAAYhZQJIJiUCSoGDUoCAP8PMgYFSgIA_wA - HIER_DIRECT/173.194.35.99
application/vnd.google.safebrowsing-chunk
1409009759.983 57 10.128.135.3 TCP_MISS/200 744 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNo
YXZhchABGIGHCyCAjAsqVIbDAgD_______________________________________________
__________________________________________________________BzIFgcMCAB8 -
HIER_DIRECT/173.194.35.99 application/vnd.google.safebrowsing-chunk
1409009760.049 58 10.128.135.3 TCP_MISS/200 1393 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNo
YXZhchAAGI35FCCg-RQqB5E8BQD__wAyBY08BQAP - HIER_DIRECT/173.194.35.99
application/vnd.google.safebrowsing-chunk
1409009776.344 55167 10.128.135.3 TCP_MISS/200 602 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009832.702 55251 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009845.118 247 10.128.135.3 TCP_MISS/201 631 POST
https://nexus.officeapps.live.com/nexus/upload/%7b6397977B-5B34-442C-8EBE-
F0C01C37BF0B%7d - HIER_DIRECT/137.117.165.100 -
1409009888.592 55164 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009944.468 55164 10.128.135.3 TCP_MISS/200 1578 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409009965.543 224 10.128.135.3 TCP_MISS/200 1579 POST
https://www.facebook.com/ajax/chat/buddy_list.php -
HIER_DIRECT/31.13.81.33 application/x-javascript
1409010000.344 55166 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010056.252 55164 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010112.134 55168 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010168.629 55167 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010224.500 55165 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010266.179 246 10.128.135.3 TCP_MISS/200 1579 POST
https://www.facebook.com/ajax/chat/buddy_list.php -
HIER_DIRECT/179.60.192.65 application/x-javascript
1409010280.372 55165 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010336.259 55164 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010392.133 55164 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010448.006 55165 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010503.974 55165 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010559.838 55164 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010566.793 292 10.128.135.3 TCP_MISS/200 1579 POST
https://www.facebook.com/ajax/chat/buddy_list.php -
HIER_DIRECT/31.13.80.33 application/x-javascript
1409010615.707 55165 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010671.826 55164 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010727.699 55164 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010783.668 55165 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010839.526 55163 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010867.422 255 10.128.135.3 TCP_MISS/200 2381 POST
https://www.facebook.com/ajax/chat/buddy_list.php -
HIER_DIRECT/31.13.80.33 application/x-javascript
1409010883.018 256 10.128.135.3 TCP_MISS/200 1350 POST
https://safebrowsing.google.com/safebrowsing/downloads? -
HIER_DIRECT/173.194.45.70 application/vnd.google.safebrowsing-update
1409010883.536 140 10.128.135.3 TCP_MISS/200 2191 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChVnb29nLWJhZGJpbnVy
bC1zaGF2YXIQARiJjQIgsI0CKgmOhgAA_____wcyBYmGAAAf -
HIER_DIRECT/173.194.44.0 application/vnd.google.safebrowsing-chunk
1409010883.903 64 10.128.135.3 TCP_MISS/200 2459 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChVnb29nLWJhZGJpbnVy
bC1zaGF2YXIQABiF6AEgmOgBKgYRdAAA_wAyBgV0AAD_Dw - HIER_DIRECT/173.194.44.0
application/vnd.google.safebrowsing-chunk
1409010884.266 64 10.128.135.3 TCP_MISS/200 2877 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUt
c2hhdmFyEAEY-dYIIKDXCCoIgisCAP___38yBnkrAgD_AQ - HIER_DIRECT/173.194.44.0
application/vnd.google.safebrowsing-chunk
1409010884.637 63 10.128.135.3 TCP_MISS/200 2133 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUt
c2hhdmFyEAAYhZQJIJiUCSoGDkoCAP8HMgYFSgIA_wE - HIER_DIRECT/173.194.44.0
application/vnd.google.safebrowsing-chunk
1409010885.001 64 10.128.135.3 TCP_MISS/200 855 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNo
YXZhchABGIGHCyCAjAsqVIfDAgD_______________________________________________
__________________________________________________________AzIFgcMCAD8 -
HIER_DIRECT/173.194.44.0 application/vnd.google.safebrowsing-chunk
1409010885.363 63 10.128.135.3 TCP_MISS/200 1716 GET
https://safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNo
YXZhchAAGI35FCCg-RQqBpQ8BQD_HzIFjTwFAH8 - HIER_DIRECT/173.194.44.0
application/vnd.google.safebrowsing-chunk
1409010895.410 55166 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
1409010951.341 55187 10.128.135.3 TCP_MISS/200 607 GET
https://0-channel-proxy-04-frc3.facebook.com/pull? -
HIER_DIRECT/173.252.107.16 application/json
As you can see all my https requests are being flagged as TCP_MISS no
TCP_HIT.
Extracts from cache.log:
Starting Squid Cache version 3.3.11 for x86_64-redhat-linux-gnu...
2014/08/26 00:25:08 kid1| Process ID 7955
2014/08/26 00:25:08 kid1| Process Roles: worker
2014/08/26 00:25:08 kid1| With 65535 file descriptors available
2014/08/26 00:25:08 kid1| Initializing IP Cache...
2014/08/26 00:25:08 kid1| DNS Socket created at [::], FD 7
2014/08/26 00:25:08 kid1| DNS Socket created at 0.0.0.0, FD 8
2014/08/26 00:25:08 kid1| Adding nameserver 127.0.0.1 from squid.conf
2014/08/26 00:25:08 kid1| Adding nameserver 46.20.98.62 from squid.conf
2014/08/26 00:25:08 kid1| Adding nameserver 8.8.8.8 from squid.conf
2014/08/26 00:25:08 kid1| Adding nameserver 8.8.4.4 from squid.conf
2014/08/26 00:25:08 kid1| helperOpenServers: Starting 5/5 'ssl_crtd'
processes
2014/08/26 00:25:08 kid1| Logfile: opening log /var/log/squid/access.log
2014/08/26 00:25:08 kid1| Local cache digest enabled; rebuild/rewrite every
3600/3600 sec
2014/08/26 00:25:08 kid1| Store logging disabled
2014/08/26 00:25:08 kid1| Swap maxSize 307200000 + 6144000 KB, estimated
24103384 objects
2014/08/26 00:25:08 kid1| Target number of buckets: 1205169
2014/08/26 00:25:08 kid1| Using 2097152 Store buckets
2014/08/26 00:25:08 kid1| Max Mem size: 6144000 KB
2014/08/26 00:25:08 kid1| Max Swap size: 307200000 KB
2014/08/26 00:25:08 kid1| Rebuilding storage in /cache1 (clean log)
2014/08/26 00:25:08 kid1| Using Least Load store dir selection
2014/08/26 00:25:08 kid1| Set Current Directory to /cache1
2014/08/26 00:25:08 kid1| Loaded Icons.
2014/08/26 00:25:08 kid1| HTCP Disabled.
2014/08/26 00:25:08 kid1| Sending SNMP messages from [::]:3401
2014/08/26 00:25:08 kid1| Squid plugin modules loaded: 0
2014/08/26 00:25:08 kid1| Adaptation support is off.
2014/08/26 00:25:08 kid1| Accepting HTTP Socket connections at
local=[::]:8080 remote=[::] FD 22 flags=9
2014/08/26 00:25:08 kid1| Accepting NAT intercepted HTTP Socket connections
at local=0.0.0.0:8082 remote=[::] FD 23 flags=41
2014/08/26 00:25:08 kid1| Accepting NAT intercepted SSL bumped HTTPS Socket
connections at local=0.0.0.0:8081 remote=[::] FD 24 flags=41
2014/08/26 00:25:08 kid1| Accepting SNMP messages on [::]:3401
2014/08/26 00:25:08 kid1| Done reading /cache1 swaplog (198 entries)
2014/08/26 00:25:08 kid1| Finished rebuilding storage from disk.
2014/08/26 00:25:08 kid1| 198 Entries scanned
2014/08/26 00:25:08 kid1| 0 Invalid entries.
2014/08/26 00:25:08 kid1| 0 With invalid flags.
2014/08/26 00:25:08 kid1| 198 Objects loaded.
2014/08/26 00:25:08 kid1| 0 Objects expired.
2014/08/26 00:25:08 kid1| 0 Objects cancelled.
2014/08/26 00:25:08 kid1| 0 Duplicate URLs purged.
2014/08/26 00:25:08 kid1| 0 Swapfile clashes avoided.
2014/08/26 00:25:08 kid1| Took 0.02 seconds (8174.05 objects/sec).
2014/08/26 00:25:08 kid1| Beginning Validation Procedure
2014/08/26 00:25:08 kid1| Completed Validation Procedure
2014/08/26 00:25:08 kid1| Validated 198 Entries
2014/08/26 00:25:08 kid1| store_swap_size = 11304.00 KB
2014/08/26 00:25:09 kid1| storeLateRelease: released 0 objects
Sincerely,
Ragheb Rustom
Smart Telecom S.A.R.L
Sin el fil Highway
Mirna Chalouhi Center - 8th Floor
Beirut, Lebanon
Telefax: +961-1-491582
Mobile: +961-3-286282
Email: ragheb_at_smartelecom.org
Received on Tue Aug 26 2014 - 03:30:04 MDT
This archive was generated by hypermail 2.2.0 : Tue Aug 26 2014 - 12:00:09 MDT