Welcome, Guest. Please login or register.
Did you miss your activation email?
Monday 30 December 2024, 01:33:43 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  EFW 3.0.5 slow Proxy and Squid using all CPU
0 Members and 5 Guests are viewing this topic. « previous next »
Pages: 1 [2] Go Down Print
Author Topic: EFW 3.0.5 slow Proxy and Squid using all CPU  (Read 81962 times)
crisman
Full Member
***
Offline Offline

Posts: 15


« Reply #15 on: Wednesday 13 May 2015, 01:05:59 am »

Hi,

At this time I will try out other solutions and it seems IPFire to be a good replacement.

Thanks.
Logged
gsv
Full Member
***
Offline Offline

Posts: 16


« Reply #16 on: Wednesday 13 May 2015, 06:05:48 pm »

OK. I play a few days with IPFire, Is ok, smooth, everything work great but it doesnt have the potential of Endian.
Anyway, this year i want to change the Endian box myself. I will  try Psense. The GUI is not that intuitive, but the community support and updates are great.
Logged
crisman
Full Member
***
Offline Offline

Posts: 15


« Reply #17 on: Wednesday 13 May 2015, 06:21:43 pm »

It doesn't seems that Endian as so much potential, it lacks 64 bit so cannot use all memory and other hardware  resources and it does not provide IPv6, I only would like to use it has a Proxy for my company, at home I use Sophos UTM Home license, Sophos has really lot of potential and much more feature rich than Endian and the support forum is awesome, I only cannot use it at work because the license does not permit.
Logged
gsv
Full Member
***
Offline Offline

Posts: 16


« Reply #18 on: Friday 15 May 2015, 06:30:59 pm »

I know it has allot of bugs, but for a free version in a company it has allot of features.......the only big problem i saw is the lack off support.
The 64 bit version  i dont considered a big problem because Endian can sustain a network with 50, 100, 200 user with a modest box. My old box for example it was a old system and it handled my users ok (40-50 users) with 2 subnets.
Anyway it has allot of bugs, thats why i decide to test other Distros and change in the far future Endian.
Good luck
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #19 on: Saturday 23 May 2015, 12:32:11 am »

it has a kernel PAE, this means it can use more memory. I don't know if it's stock or not, but on previous versions I've installed it.
I have an Endian 2.4.0 with 4GB ram.

Disable antivirus, it's a resource hog. Also go to Services->Antivirus Engine and reduce all values to 1. I know it's a lack, but it's better than nothing.
Logged
crisman
Full Member
***
Offline Offline

Posts: 15


« Reply #20 on: Saturday 23 May 2015, 01:19:50 am »

it has a kernel PAE, this means it can use more memory. I don't know if it's stock or not, but on previous versions I've installed it.
I have an Endian 2.4.0 with 4GB ram.

Disable antivirus, it's a resource hog. Also go to Services->Antivirus Engine and reduce all values to 1. I know it's a lack, but it's better than nothing.

Hi,

I'm using another different solution FW and it also uses antivirus and web filtering and I don't get the CPU at maximum, so it should be a Endian Bug?

Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #21 on: Saturday 23 May 2015, 04:01:45 am »

What solution? I've been searching any opensource UTM solution, and no one comes closer to what Endian offers.

Probably yes, it must be an Endian bug. It has plenty of bugs, everywhere.
 But once you fine tune it, it's very stable.
I have a EFW with about 250 users, all but AV enabled (IDS, Content Filter, 200+ firewall rules, 8+ OpenVPN's connections, IPSec....), and I have like 25% CPU time (4 core).

You can't expect support from EFW community, it's a nice product but you are pretty much alone on it.
To fine tuning and add custom packets you must have some linux experience.
It's not a plug and play.


Logged
crisman
Full Member
***
Offline Offline

Posts: 15


« Reply #22 on: Monday 25 May 2015, 11:59:02 am »

Hi,

I've tried with IPfire and PFSense and both worked fine, you must also have some experience on linux/unix to make some fine tuning.
With Endian, when I turn the server on, it works fine but an hour later I get CPU stress by Squid, don't understand why?
You have a lot of users so I'm not sure if IPFire or PFSense will behave well but at least on PFSense the community helps a lot.
Logged
burja2
Jr. Member
*
Offline Offline

Posts: 8


« Reply #23 on: Wednesday 10 June 2015, 01:59:59 pm »

Hello Crisman,

DL380 with 2 Xeon and 6 GB...? that's still pretty decent stuff IMHO. You shouldn't have that kind of problems.

I'm with EFW since 2.2.1 (when they were truly opensource...) It's epic the proxy implementation in EFW had lots of problems, hard to tell if it really work or just simulating... anyway...

With 3.0.5, (clean install - not an upgraded version, done last Sunday) I'm now enjoying (at last) a http proxy that works !!  including AV and even SNORT ( with ALL its rules enabled with drop. All my FW rules (about 40...) are set to "allow with FS"). So, if you'd previously upgraded from 3.0 (or else) a clean install will clearly help. It solved many problems for me.

My two teens are giving EFW a real beating since Monday. Yet my CPU (AMD Athlon 6600 - old stuff and only 4GB DDR2) bumped tonight at a "whooping" 10% load after supper for a full 3h then went down as my kids went to bed. I'll continue to monitor CPU's behavior to see if it could  the roof like you.

Last thoughts, through my years of experimentation with EFW, I found the hdd being the weak point. I've gone through 3 drives since 2007/8. I'm currently with a small SSD drive (60Gb nothing "extravagant"). So, maybe a hard disk currently have a "near-dead" experience ;-)  and your CPUs are taking the told, or maybe a lack of swap space? (you should have 12Gb of swap space)

 for thoughts

Logged
svritc_81
Full Member
***
Offline Offline

Posts: 27


« Reply #24 on: Friday 21 August 2015, 04:47:57 pm »

Can you try these settings in squid.conf

hosts_file /etc/hosts
dns_nameservers x.x.x.x x.x.x.x
cache_replacement_policy heap LFUDA
cache_swap_low 90
cache_swap_high 95
maximum_object_size_in_memory 50 KB
cache_dir aufs /var/spool/squid 40000 16 256
cache_mem 100 MB
logfile_rotate 10
memory_pools off
maximum_object_size 50 MB
quick_abort_min 0 KB
quick_abort_max 0 KB
log_icp_queries off
client_db off
buffered_logs on
half_closed_clients off
Logged
cocoalcazar
Full Member
***
Offline Offline

Posts: 42



« Reply #25 on: Friday 25 September 2015, 01:09:38 am »

to put that configuration and change is deleted via web,  any other option? please.  Tghank you.
Logged
Pages: 1 [2] Go Up Print 
« previous next »
Jump to:  

Page created in 0.141 seconds with 20 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com