Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 19 December 2024, 10:52:25 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  EFW 3.0.5 slow Proxy and Squid using all CPU
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] 2 Go Down Print
Author Topic: EFW 3.0.5 slow Proxy and Squid using all CPU  (Read 80603 times)
crisman
Full Member
***
Offline Offline

Posts: 15


« on: Friday 08 May 2015, 01:27:01 am »

Hi,

I'm using the EFW 3.0.5 Beta 1 on a HP DL380 G4 with 2 CPUS Xeon 3.6 Ghz DP and 6 Gb Ram and have been testing 3 Active Directory users and most of the times the Squid gets 100% CPU usage, I've already disabled caching, is there any fine tuning to fix this?

Thanks.
Logged
gsv
Full Member
***
Offline Offline

Posts: 16


« Reply #1 on: Friday 08 May 2015, 05:28:53 pm »

ClamAV is running? If is running try to disable the AV.
Look at the web filtering. Delete all policies and create again one without av filtering. Restart.
Logged
crisman
Full Member
***
Offline Offline

Posts: 15


« Reply #2 on: Friday 08 May 2015, 06:02:57 pm »

Hi,

Yes Clamav is running, I will try without Clamav but if this feature is present there should be a way to have both running without problem, this is a bug with Clamav?

Thanks.
Logged
gsv
Full Member
***
Offline Offline

Posts: 16


« Reply #3 on: Friday 08 May 2015, 08:00:13 pm »

From my experience with Endian (not allot, but i have a machine in production from over 2 years now, 50 users) Clam AV with proxy have problems. In fact the bigest problems that i have with Endian 3.0 and now 3.0.5 is proxy with clamAV and second is web filtering (Endian has a default policy with AV filtering).
When i disabled clamAV the box was very stable with 3.0 and now with 3.0.5. I also deleted the default web policy and created a new one without AV filtering. I to have disabled cache from squid.
Logged
crisman
Full Member
***
Offline Offline

Posts: 15


« Reply #4 on: Friday 08 May 2015, 08:33:31 pm »

I see!

But using Clamav would be more secure.
BTW what is your hardware?

Thanks.
Logged
gsv
Full Member
***
Offline Offline

Posts: 16


« Reply #5 on: Friday 08 May 2015, 09:31:25 pm »

For the first machine with 3.0 it was a old Sempron 1.8Ghz single core, with 2GB RAM SDR and 80GB HDD Sata 1, 3 NIC's ( 1SiS, 1 Intel, 1 Realtek 1Gb)
Now i have a Pentium 2.8 Dual core, 4GB RAM, 250 GB HDD Sata2, 3 NIC's (2Realtek 1Gb, 1Intel).
ISP speed 50-60Mb down/20-30 Mb up

You are right, the ClamAV its good but under this circumstances better off.
Logged
crisman
Full Member
***
Offline Offline

Posts: 15


« Reply #6 on: Friday 08 May 2015, 11:09:46 pm »

Are you using the Web Filter profiles?

Logged
gsv
Full Member
***
Offline Offline

Posts: 16


« Reply #7 on: Friday 08 May 2015, 11:44:18 pm »

No. Only acces policy. I have 2 policies under ACCESS POLICY: One with  of sites that i block without a profile (just "acces denied") and the second one is "filter any to any" without blocking anything and without AV,  using the profile created under WEB FILTER without AV.
The Endian comes with a default acces policy "filter any to any" with a profile that has AV enabled.
I deleted that and recreat my policy from above with a new profile from web filter a profile without AV.
Acces policies is working but filtering with profiles dont work. I dont know why. I tried allot to make filtering work, but......
Logged
crisman
Full Member
***
Offline Offline

Posts: 15


« Reply #8 on: Friday 08 May 2015, 11:59:43 pm »

Ok,

Later I will try to add the profiles working.
At the moment, I only want the users from my AD to access the web without problems.
Do you use Endian for a long time or you are also new to EFW?
Do you know when a stable 3.0.5 will be released?
It seems this project is a little forgotten! No much community support, and if this has been around here for several years why not 64 bit version yet since all others already have 64 bits and also IPv6 support?

Thanks.
Logged
gsv
Full Member
***
Offline Offline

Posts: 16


« Reply #9 on: Saturday 09 May 2015, 12:35:41 am »

Why did you integrated with AD......can you try without integration?
Disable clamAV and delete profiles and Acces Policies. You can create policies later. Restart and see if is working.
Im using Endian from over 2 year now ( i think ) and before ( for short time) other Distros, but Endian catch me. Version 3.0 is the first contact with it.
I dont know when is the next update. Anyway, im in proccess (4 months now) of returning to other Distros because lack of support in Community version, although the GUI is nice and intuitive. I like the configuration options, but not all are working OK.

Logged
gsv
Full Member
***
Offline Offline

Posts: 16


« Reply #10 on: Saturday 09 May 2015, 12:39:01 am »

Keep me updated.
See you Monday.
Have a nice weekend.
Logged
crisman
Full Member
***
Offline Offline

Posts: 15


« Reply #11 on: Saturday 09 May 2015, 12:52:23 am »

I have to integrate with AD because we have several users and only a few must have internet access and this way I can easily give permissions to whom have access or not.
I used Microsoft ISA Server but the support and product has been discontinued but it works well and fast.

At this time I having again Squid using most of the time all CPU resources, it seems it works fine if I restart the service but a few hours later its start consuming lost of CPU, very unstable and I'm only testing with five users but need to use it with 30 users!!!
Probably I will have to find another Proxy solution with AD integration.  Sad

Have a nice weekend too!
Logged
gsv
Full Member
***
Offline Offline

Posts: 16


« Reply #12 on: Monday 11 May 2015, 09:37:41 pm »

Did you disable clamAV? Did you recreat acces policies again?
Logged
crisman
Full Member
***
Offline Offline

Posts: 15


« Reply #13 on: Monday 11 May 2015, 10:50:13 pm »

Hi,

Yes I've disabled all that options, so with only proxy and no Virus scanning and no Web Filtering I still have Squid very often taking all CPU resources.  Angry

Regards.

Logged
gsv
Full Member
***
Offline Offline

Posts: 16


« Reply #14 on: Tuesday 12 May 2015, 11:42:01 pm »

The rules in Squid are all enabled or just log and pass?
Try disable all the rules and see what the CPU do?
Logged
Pages: [1] 2 Go Up Print 
« previous next »
Jump to:  

Page created in 0.406 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com