EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Friday 22 November 2024, 11:56:28 pm
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
The Latest Endian Firewall is now available for download
HERE
14258
Posts in
4377
Topics by
6516
Members
Latest Member:
DaveH
Search:
Advanced search
EFW Support
Support
EFW SMTP, HTTP, SIP, FTP Proxy Support
EFW 3.0.5 slow Proxy and Squid using all CPU
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
1
[
2
]
Author
Topic: EFW 3.0.5 slow Proxy and Squid using all CPU (Read 68667 times)
crisman
Full Member
Offline
Posts: 15
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #15 on:
Wednesday 13 May 2015, 01:05:59 am »
Hi,
At this time I will try out other solutions and it seems IPFire to be a good replacement.
Thanks.
Logged
gsv
Full Member
Offline
Posts: 16
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #16 on:
Wednesday 13 May 2015, 06:05:48 pm »
OK. I play a few days with IPFire, Is ok, smooth, everything work great but it doesnt have the potential of Endian.
Anyway, this year i want to change the Endian box myself. I will try Psense. The GUI is not that intuitive, but the community support and updates are great.
Logged
crisman
Full Member
Offline
Posts: 15
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #17 on:
Wednesday 13 May 2015, 06:21:43 pm »
It doesn't seems that Endian as so much potential, it lacks 64 bit so cannot use all memory and other hardware resources and it does not provide IPv6, I only would like to use it has a Proxy for my company, at home I use Sophos UTM Home license, Sophos has really lot of potential and much more feature rich than Endian and the support forum is awesome, I only cannot use it at work because the license does not permit.
Logged
gsv
Full Member
Offline
Posts: 16
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #18 on:
Friday 15 May 2015, 06:30:59 pm »
I know it has allot of bugs, but for a free version in a company it has allot of features.......the only big problem i saw is the lack off support.
The 64 bit version i dont considered a big problem because Endian can sustain a network with 50, 100, 200 user with a modest box. My old box for example it was a old system and it handled my users ok (40-50 users) with 2 subnets.
Anyway it has allot of bugs, thats why i decide to test other Distros and change in the far future Endian.
Good luck
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #19 on:
Saturday 23 May 2015, 12:32:11 am »
it has a kernel PAE, this means it can use more memory. I don't know if it's stock or not, but on previous versions I've installed it.
I have an Endian 2.4.0 with 4GB ram.
Disable antivirus, it's a resource hog. Also go to Services->Antivirus Engine and reduce all values to 1. I know it's a lack, but it's better than nothing.
Logged
crisman
Full Member
Offline
Posts: 15
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #20 on:
Saturday 23 May 2015, 01:19:50 am »
Quote from: mrkroket on Saturday 23 May 2015, 12:32:11 am
it has a kernel PAE, this means it can use more memory. I don't know if it's stock or not, but on previous versions I've installed it.
I have an Endian 2.4.0 with 4GB ram.
Disable antivirus, it's a resource hog. Also go to Services->Antivirus Engine and reduce all values to 1. I know it's a lack, but it's better than nothing.
Hi,
I'm using another different solution FW and it also uses antivirus and web filtering and I don't get the CPU at maximum, so it should be a Endian Bug?
Logged
mrkroket
Hero Member
Offline
Posts: 495
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #21 on:
Saturday 23 May 2015, 04:01:45 am »
What solution? I've been searching any opensource UTM solution, and no one comes closer to what Endian offers.
Probably yes, it must be an Endian bug. It has plenty of bugs, everywhere.
But once you fine tune it, it's very stable.
I have a EFW with about 250 users, all but AV enabled (IDS, Content Filter, 200+ firewall rules, 8+ OpenVPN's connections, IPSec....), and I have like 25% CPU time (4 core).
You can't expect support from EFW community, it's a nice product but you are pretty much alone on it.
To fine tuning and add custom packets you must have some linux experience.
It's not a plug and play.
Logged
crisman
Full Member
Offline
Posts: 15
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #22 on:
Monday 25 May 2015, 11:59:02 am »
Hi,
I've tried with IPfire and PFSense and both worked fine, you must also have some experience on linux/unix to make some fine tuning.
With Endian, when I turn the server on, it works fine but an hour later I get CPU stress by Squid, don't understand why?
You have a lot of users so I'm not sure if IPFire or PFSense will behave well but at least on PFSense the community helps a lot.
Logged
burja2
Jr. Member
Offline
Posts: 8
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #23 on:
Wednesday 10 June 2015, 01:59:59 pm »
Hello Crisman,
DL380 with 2 Xeon and 6 GB...? that's still pretty decent stuff IMHO. You shouldn't have that kind of problems.
I'm with EFW since 2.2.1 (when they were truly opensource...) It's epic the proxy implementation in EFW had lots of problems, hard to tell if it really work or just simulating... anyway...
With 3.0.5, (clean install - not an upgraded version, done last Sunday) I'm now enjoying (at last) a http proxy that works !! including AV and even SNORT ( with ALL its rules enabled with drop. All my FW rules (about 40...) are set to "allow with FS"). So, if you'd previously upgraded from 3.0 (or else) a clean install will clearly help. It solved many problems for me.
My two teens are giving EFW a real beating since Monday. Yet my CPU (AMD Athlon 6600 - old stuff and only 4GB DDR2) bumped tonight at a "whooping" 10% load after supper for a full 3h then went down as my kids went to bed. I'll continue to monitor CPU's behavior to see if it could the roof like you.
Last thoughts, through my years of experimentation with EFW, I found the hdd being the weak point. I've gone through 3 drives since 2007/8. I'm currently with a small SSD drive (60Gb nothing "extravagant"). So, maybe a hard disk currently have a "near-dead" experience ;-) and your CPUs are taking the told, or maybe a lack of swap space? (you should have 12Gb of swap space)
for thoughts
Logged
svritc_81
Full Member
Offline
Posts: 27
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #24 on:
Friday 21 August 2015, 04:47:57 pm »
Can you try these settings in squid.conf
hosts_file /etc/hosts
dns_nameservers x.x.x.x x.x.x.x
cache_replacement_policy heap LFUDA
cache_swap_low 90
cache_swap_high 95
maximum_object_size_in_memory 50 KB
cache_dir aufs /var/spool/squid 40000 16 256
cache_mem 100 MB
logfile_rotate 10
memory_pools off
maximum_object_size 50 MB
quick_abort_min 0 KB
quick_abort_max 0 KB
log_icp_queries off
client_db off
buffered_logs on
half_closed_clients off
Logged
cocoalcazar
Full Member
Offline
Posts: 42
Re: EFW 3.0.5 slow Proxy and Squid using all CPU
«
Reply #25 on:
Friday 25 September 2015, 01:09:38 am »
to put that configuration and change is deleted via web, any other option? please. Tghank you.
Logged
Pages:
1
[
2
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.125 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com