pfSense Support Subscription

Author Topic: Is there a way to confirm Squid is working?  (Read 1913 times)

0 Members and 1 Guest are viewing this topic.

Offline Roodawakening

  • Jr. Member
  • **
  • Posts: 95
    • View Profile
Is there a way to confirm Squid is working?
« on: August 27, 2009, 09:54:22 am »
Other than the obvious "Service is running" notification on the Dashboard, is there a simple test that shows Squid is running? I'm running Squid right now (and the learning curve is molasses slow for me!) and have not noticed any "difference" in system performance. I guess I didn't expect much because it's running on a home network but it'd be nice if I could confirm it's configured correctly. I can't even seem to review the "cache" to see if my system is even storing files. Perhaps there's no reason to run Squid at all given it's a home network and should be removed entirely. 
"The descent to hell is easy. The gates stand open day and night. But to reclimb the slope and escape to the upper air: This is labor."
--Virgil, Aeneid, Book 6

Rob

Offline mhab12

  • Hero Member
  • *****
  • Posts: 648
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #1 on: August 27, 2009, 10:08:45 am »
http://www.whatismyip.com/

Should indicate whether it detected a proxy or not under your IP.

Offline Roodawakening

  • Jr. Member
  • **
  • Posts: 95
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #2 on: August 27, 2009, 10:29:03 am »
http://www.whatismyip.com/

Should indicate whether it detected a proxy or not under your IP.

I tried that already and it only shows my HAVP proxy. Does that also indicate Squid is working? I'm really confused about how the two are related.

"The descent to hell is easy. The gates stand open day and night. But to reclimb the slope and escape to the upper air: This is labor."
--Virgil, Aeneid, Book 6

Rob

Offline mhab12

  • Hero Member
  • *****
  • Posts: 648
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #3 on: August 27, 2009, 10:31:51 am »
I believe HAVP is just another instance of Squid...looks like you're up and running.  Try disabling HAVP/Squid and revisit the site, won't show anything like that.

Offline xaviero

  • Full Member
  • ***
  • Posts: 172
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #4 on: August 27, 2009, 12:28:13 pm »
maybe by activating temporary the squid.log , u can tail it and see it HIT or MISS ..... maybe.....

Offline mhab12

  • Hero Member
  • *****
  • Posts: 648
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #5 on: August 27, 2009, 12:33:23 pm »
Run
Code: [Select]
#tail -f /var/squid/log/access.log from the console and visit some sites with a client.  You should see the log in action.

Offline Roodawakening

  • Jr. Member
  • **
  • Posts: 95
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #6 on: August 27, 2009, 12:39:56 pm »
Run
Code: [Select]
#tail -f /var/squid/log/access.log from the console and visit some sites with a client.  You should see the log in action.

Great, thanks. There's "stuff" in there but it appears to be from several days ago. I also went to several sites with a client on my LAN and didn't notice anything change on the console after doing so. Hmm...
"The descent to hell is easy. The gates stand open day and night. But to reclimb the slope and escape to the upper air: This is labor."
--Virgil, Aeneid, Book 6

Rob

Offline Bern

  • Full Member
  • ***
  • Posts: 135
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #7 on: August 27, 2009, 12:42:59 pm »
I find that this technique works when I'm trying to find out when I'm behind a transparent proxy...

pc-bern-host ~ % telnet www.bbc.co.uk 80
Trying 212.58.251.197...
Connected to www.bbc.net.uk.
Escape character is '^]'.
HEAD http://www.google.co.uk HTTP/1.1
Host: www.google.co.uk

HTTP/1.0 200 OK
Date: Thu, 27 Aug 2009 17:41:02 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: PREF=ID=1cb5dc1b553c7adc:TM=1251394862:LM=1251394862:S=zCNt-T5gtFSxmMpP; expires=Sat, 27-Aug-2011 17:41:02 GMT; path=/; domain=.google.co.uk
Server: gws
X-Cache: MISS from localhost
Proxy-Connection: close

Connection closed by foreign host.


ie. telnet to a known-good webserver on port 80, request a page from a different server and see which of the two replies. If you're being proxied, you'll get the "inner" host replying. If you're not being proxied, your "outer" host will reply.

Offline Roodawakening

  • Jr. Member
  • **
  • Posts: 95
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #8 on: August 27, 2009, 12:50:53 pm »
I find that this technique works when I'm trying to find out when I'm behind a transparent proxy...

pc-bern-host ~ % telnet www.bbc.co.uk 80
Trying 212.58.251.197...
Connected to www.bbc.net.uk.
Escape character is '^]'.
HEAD http://www.google.co.uk HTTP/1.1
Host: www.google.co.uk

HTTP/1.0 200 OK
Date: Thu, 27 Aug 2009 17:41:02 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: PREF=ID=1cb5dc1b553c7adc:TM=1251394862:LM=1251394862:S=zCNt-T5gtFSxmMpP; expires=Sat, 27-Aug-2011 17:41:02 GMT; path=/; domain=.google.co.uk
Server: gws
X-Cache: MISS from localhost
Proxy-Connection: close

Connection closed by foreign host.


ie. telnet to a known-good webserver on port 80, request a page from a different server and see which of the two replies. If you're being proxied, you'll get the "inner" host replying. If you're not being proxied, your "outer" host will reply.

My output just looks like this...

Quote
$ telnet www.bbc.co.uk 80
Trying 212.58.251.197...
Connected to www.bbc.net.uk.
Escape character is '^]'.
Connection closed by foreign host.

What'd I do wrong?
"The descent to hell is easy. The gates stand open day and night. But to reclimb the slope and escape to the upper air: This is labor."
--Virgil, Aeneid, Book 6

Rob

Offline Roodawakening

  • Jr. Member
  • **
  • Posts: 95
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #9 on: August 27, 2009, 12:54:21 pm »
Incidentally, I'm using a 640GB hard drive on this pfSense box so I have tons of space, if needed. What cache size is recommended? I have it set to 100000 MB (or 100GB).
"The descent to hell is easy. The gates stand open day and night. But to reclimb the slope and escape to the upper air: This is labor."
--Virgil, Aeneid, Book 6

Rob

Offline Bern

  • Full Member
  • ***
  • Posts: 135
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #10 on: August 27, 2009, 12:57:41 pm »
Did you type the "HEAD" and "Host:" lines?

Try this instead:

pc-bern-host ~ % (echo HEAD http://www.google.co.uk HTTP/1.1; echo Host: www.google.co.uk; echo) | nc www.bbc.co.uk 80
HTTP/1.0 200 OK
Date: Thu, 27 Aug 2009 17:56:51 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: PREF=ID=becdf844de4646ef:TM=1251395811:LM=1251395811:S=fw0Opyy0MpsCcWGz; expires=Sat, 27-Aug-2011 17:56:51 GMT; path=/; domain=.google.co.uk
Server: gws
X-Cache: MISS from localhost
Proxy-Connection: close


Offline Roodawakening

  • Jr. Member
  • **
  • Posts: 95
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #11 on: August 27, 2009, 01:07:30 pm »
OK...I got this:

Quote
$ (echo HEAD http://www.google.co.uk HTTP/1.1; echo Host: www.google.co.uk; echo) | nc www.bbc.co.uk 80
HTTP/1.1 200 OK
Date: Thu, 27 Aug 2009 18:04:26 GMT
Server: Apache
Set-Cookie: BBC-UID=e4da39661c9a8aca15a1fbc961f338dbd123db1a4070d144448f2977cdc6a1bf0; expires=Mon, 26-Aug-13 18:04:26 GMT; path=/; domain=bbc.co.uk;
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Thu, 27 Aug 2009 18:04:26 GMT
Pragma: no-cache
Content-Length: 61338
Content-Type: text/html; charset=iso-8859-1

Connection closed by foreign host.
"The descent to hell is easy. The gates stand open day and night. But to reclimb the slope and escape to the upper air: This is labor."
--Virgil, Aeneid, Book 6

Rob

Offline Bern

  • Full Member
  • ***
  • Posts: 135
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #12 on: August 27, 2009, 01:09:45 pm »
You're not being transparently proxied then.

Offline Roodawakening

  • Jr. Member
  • **
  • Posts: 95
    • View Profile
Re: Is there a way to confirm Squid is working?
« Reply #13 on: August 27, 2009, 01:15:11 pm »
You're not being transparently proxied then.

UGH! I'm confused by the concurrent use of Squid and HAVP. It appears HAVP is running (via whatismyip) but now Squid is not.
"The descent to hell is easy. The gates stand open day and night. But to reclimb the slope and escape to the upper air: This is labor."
--Virgil, Aeneid, Book 6

Rob