Submitted by admin on 2012, March 19, 11:31 AM
由于页面问题或web服务器临时不可用,会导致squid缓存一个错误信息(400,500等错误),正好是首页出错并被老板发现了。。。。
如何不缓存这些错误页面呢?
要想不缓存错误页面据说可以设成negative_ttl 1 second
# TAG: negative_ttl time-units
# Time-to-Live (TTL) for failed requests. Certain types of
# failures (such as "connection refused" and "404 Not Found") are
# negatively-cached for a configurable amount of time. The
# default is 5 minutes. Note that this is different from
# negative caching of DNS lookups
状态:
TCP_NEGATIVE_HIT
在对原始服务器的请求导致HTTP错误时,Squid也会cache这个响应。在短时间内对这些资源的重复请求,导致了否命中。 negative_ttl指令控制这些错误被cache的时间数量。请注意这些错误只在内存cache,不会写往磁盘。下列HTTP状态码可能导致否定 cache(也遵循于其他约束): 204, 305, 400, 403, 404, 405, 414, 500, 501, 502, 503, 504。
TCP_MEM_HIT
Squid在内存cache里发现请求资源的有效拷贝,并将其立即发送到客户端。注意这点并非精确的呈现了所有从内存服务的响应。例如,某些cache在内存里,但要求确认的响应,会以TCP_REFRESH_HIT, TCP_REFRESH_MISS等形式记录。
TCP_IMS_HIT
客户端发送确认请求,Squid发现更近来的、貌似新鲜的请求资源的拷贝。Squid发送更新的内容到客户端,而不联系原始服务器。
-----------------------------------
通过域名访问 返回 400错误,通过ip地址访问没问题
查看squid 日志发现 TCP_NEGATIVE_HIT/400 错误
由于squid 默认设置 会缓存错误页面,主要用来防止服务不可用攻击
修改配置文件
negative_ttl 1 second
暂时解决问题
squid/缓存 | 评论:0
| Trackbacks:0
| 阅读:1079
Submitted by admin on 2012, March 13, 3:43 PM
linux | 评论:0
| Trackbacks:0
| 阅读:790
Submitted by admin on 2012, March 12, 6:27 PM
if(preg_match("/^[0-9a-zA-Z]{3,12}$/",$variable)){
echo "<script>alert('只能是英文字母或数字, 且长度必须是3-12个字');history.back(-1);</script>";die;
}
//其实判断是否是字母和数字或字母数字的组合还可以用PHP ctype_alnum函数
if(!ctype_alnum($vipurl)){
echo '只能是字母或数字的组合';exit;
}
顺便复习下ctype functions
1.ctype_alnum(string $text)://不用说了,检查是否是字母或数字或字母数字的 组合
2.ctype_alpha(string $text):check for alphabetic character(s) //检查字符串是否是字母
3.ctype_cntrl(string $text):check for control character(s) //是否是控制字符如\n,\r,\t
4.ctype_digit(strint $text):check for numeric character(s) //是否是数字表示的字符
大多数时也许应该用is_numeric
这个要特别注意与is_numeric()的区别
例:$numeric_string='42';
$interger = 42;
ctype_digit($numeric_string);//true
ctype_digit($interger);//false
is_numeric($numeric_string); //true
is_numeric($interger); //true
5.ctype_graph(string $text):Check for any printable character(s) except space
6.ctype_lower():check for lowercase character(s)//检查是否是小写字母
7.ctype_upper():check for uppercase character(s)//检查是否是大写字母
8.ctype_space: check for whitespace character(s)//是否是空白字符
9.ctype_xdigit: check for character(s) representing a hexadecimal digit//检查是否是十六进制数字
php | 评论:0
| Trackbacks:0
| 阅读:1118
Submitted by admin on 2012, March 10, 6:04 PM
通常Web服务器都会通过gzip压缩来减少用户下载的流量,提高页面打开速度。
gzip压缩分为两种,http1.0压缩和http1.1压缩,这两种压缩的压缩方法和response header都一样,只是客户端和服务器通讯的http协议不同。
Squid2.7之前,是不支持http1.1的。在2.7版本开始,有限支持http1.1。从3.0版本开始,才完整的支持http1.1。但是因为squid3是完全重构的,很多2.7的功能并没有加到3.0当中,所以squid3并没有被大规模的应用在生产系统中,基本上都还是使用 squid2.6或2.7来进行内容加速,所以需要搞定Squid支持各种Web服务器的HTTP1.0 GZIP压缩。
具体配置:
1, 配置Web服务器,支持HTTP1.0压缩
Apache, 默认就支持http1.0压缩,不需要特定配置
IIS, 通过修改MetaBase.xml第三段IIsCompressionSchemes中的
* HcNoCompressionForHttp10="TRUE"
* HcNoCompressionForProxies="TRUE"
* HcNoCompressionForRange="FALSE"
将HcNoCompressionForHttp10="TRUE" 修改为FALSE
Nginx, 修改nginx.conf中的gzip_version配置项,修改为gzip_version http1.0;
配置后,再发http1.0的压缩请求到nginx,就能够获得压缩后的内容。
2, 配置Squid,支持对http1.0压缩内容的缓存
首先,将cache_vary设置成on。使squid能够缓存带有vary头的内容
然后,将broken_vary_encoding设置成all。squid.conf.default中,这个参数的示例是
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
这个挺有趣,我理解这个参数应该是很早加入的,那时候web服务器还是apache一家的天下。所以作者直接就写了一个allow apache,并一直沿用至今。
这个参数是针对那些压缩前和压缩后etag完全一致的web服务器,让squid通过vary头来区分压缩和未压缩的内容。事实上,现在 apache已经不需要通过broken_vary_encoding来区分vary头了。Apache会修改经过压缩的内容的etag头, 在原来的etag后面加上-gzip。用来区分压缩和非压缩内容。而其他的web服务器都没有这样的功能。都需要通过配置 broken_vary_encoding来支持。
通过配置上面两个参数,你就可以配置squid正确的缓存Apache,IIS,Nginx输出的压缩内容。
上面介绍的方法,已经经过实际环境的验证并稳定运行了近一年,没有出现过压缩缓存失效的情况。
squid/缓存 | 评论:0
| Trackbacks:0
| 阅读:892
Submitted by admin on 2012, March 9, 8:59 AM
client_db on
acl client_10 src 192.168.0.0/32
acl maxconnect maxconn 10
http_access deny client_10 maxconnect
-------------------------
查了一下,该错误是因为打开的文件数超过了linux的限制造成的。因此对系统和squid配置文件进行了修改:
1)对系统进行修改,取消对打开文件数的限制。
ulimit -HSn 65535
为了防止重启后失效,在/etc/profile文件中增加该命令。
查看是否生效,使用命令:ulimit -n
2)修改squid配置文件,增加并发数
打开配置文件:gedit ../squid/etc/squid.conf
a) 增加如下内容:acl OverConnLimit maxconn 2000
b) 将以前的设置"http_access deny all" 修改为 "http_access allow all"
squid/缓存 | 评论:0
| Trackbacks:0
| 阅读:948
Submitted by admin on 2012, March 6, 6:28 PM
13.3 store.log
store.log记录Squid关于存储或删除cache目标的决定。对每个存在cache里的目标、每个不可cache的目标、以及每个被轮换策略删除的目标,Squid都会创建相应的日志条目。该日志文件内容既包含了内存cache又包含了磁盘cache。
store.log提供了下述不能从access.log获取的内容:
- 1)某个特定的响应是否被cache。
- 2)cache目标的文件号。对UFS基础的存储机制,你可转换该文件号到路径名,并且检查cache文件的内容。
- 3)响应的内容长度:包括Content-Length值和实际的body大小。
- 4)Date, Last-Modified, 和Expires头部的值。
- 5)响应的cache关键字(例如MD5哈希值)。
如你所见,这些都是相对低级的信息,在日常管理中可能用不上。除非你要做专业的分析,或打算debug某程序,否则store.log可有可无。可以如下来禁止它:
cache_store_log none
跟其他日志文件一样,Squid将最新的日志条目写到该文件的末尾。某个给定的URI可能出现在日志文件里多次。例如,它先被cache,然后删除,接着又cache住。仅仅最近来的日志条目才反映目标的当前值。
store.log是文本基础的,看起来如下:
1067299212.411 RELEASE -1 FFFFFFFF A5964B32245AC98592D83F9B6EA10B8D 206
1067299212 1064287906 -1 application/octet-stream 6840/6840
GET http://download.windowsupdate.com/msdownload/update/v3-19990518/cab...
1067299212.422 SWAPOUT 02 0005FD5F 6F34570785CACABC8DD01ABA5D73B392 200
1067299210 1057899600 -1 image/gif 1125/1125
GET http://forum.topsportsnet.com/shf./images/nav_members1.gif
1067299212.641 RELEASE -1 FFFFFFFF B0616CB4B7280F67672A40647DD08474 200
1067299212 -1 -1 text/html -1/67191
GET http://www.tlava.com/
1067299212.671 RELEASE -1 FFFFFFFF 5ECD93934257594825659B596D9444BC 200
1067299023 1034873897 1067299023 image/jpeg 3386/3386
GET http://ebiz0.ipixmedia.com/abc/ebiz/_EBIZ_3922eabf57d44e2a4c3e7cd234a...
1067299212.786 RELEASE -1 FFFFFFFF B388F7B766B307ADEC044A4099946A21 200
1067297755 -1 -1 text/html -1/566
GET http://www.evenflowrocks.com/pages/100303pic15.cfm
1067299212.837 RELEASE -1 FFFFFFFF ABC862C7107F3B7E9FC2D7CA01C8E6A1 304
1067299212 -1 1067299212 unknown -1/0
GET http://ebiz0.ipixmedia.com/abc/ebiz/_EBIZ_3922eabf57d44e2a4c3e7cd234a...
1067299212.859 RELEASE -1 FFFFFFFF 5ED2726D4A3AD83CACC8A01CFDD6082B 304
1066940882 1065063803 -1 application/x-javascript -1/0
GET http://www.bellsouth.com/scripts/header_footer.js
每个日志条目包含如下13个域:
squid/缓存 | 评论:0
| Trackbacks:0
| 阅读:1024
Submitted by admin on 2012, March 6, 6:24 PM
先看看squid原始文档怎么解释吧
# TAG: logformat
# Usage:
#
# logformat <name> <format specification>
#
# Defines an access log format.
#
# The <format specification> is a string with embedded % format codes
#
# % format codes all follow the same basic structure where all but
# the formatcode is optional. Output strings are automatically escaped
# as required according to their context and the output format
# modifiers are usually not needed, but can be specified if an explicit
# output format is desired.
#
# % ["|[|'|#] [-] [[0]width] [{argument}] formatcode
#
# " output in quoted string format
# [ output in squid text log format as used by log_mime_hdrs
# # output in URL quoted format
# ' output as-is
#
# - left aligned
# width field width. If starting with 0 the
# output is zero padded
# {arg} argument such as header name etc
#
# Format codes:
#
# % a literal % character
# >a Client source IP address
# >A Client FQDN
# >p Client source port
# <A Server IP address or peer name
# la Local IP address (http_port)
# lp Local port number (http_port)
# <la Local IP address of the last server or peer connection
# <lp Local port number of the last server or peer connection
# ts Seconds since epoch
# tu subsecond time (milliseconds)
# tl Local time. Optional strftime format argument
# default %d/%b/%Y:%H:%M:%S %z
# tg GMT time. Optional strftime format argument
# default %d/%b/%Y:%H:%M:%S %z
# tr Response time (milliseconds)
# dt Total time spent making DNS lookups (milliseconds)
#
# HTTP cache related format codes:
#
# [http::]>h Original request header. Optional header name argument
# on the format header[:[separator]element]
# [http::]>ha The HTTP request headers after adaptation and redirection.
# Optional header name argument as for >h
# [http::]<h Reply header. Optional header name argument
# as for >h
# [http::]un User name
# [http::]ul User name from authentication
# [http::]ui User name from ident
# [http::]us User name from SSL
# [http::]ue User name from external acl helper
# [http::]>Hs HTTP status code sent to the client
# [http::]<Hs HTTP status code received from the next hop
# [http::]Ss Squid request status (TCP_MISS etc)
# [http::]Sh Squid hierarchy status (DEFAULT_PARENT etc)
# [http::]mt MIME content type
# [http::]rm Request method (GET/POST etc)
# [http::]ru Request URL
# [http::]rp Request URL-Path excluding hostname
# [http::]rv Request protocol version
# [http::]et Tag returned by external acl
# [http::]ea Log string returned by external acl
# [http::]<st Sent reply size including HTTP headers
# [http::]>st Received request size including HTTP headers. In the
# case of chunked requests the chunked encoding metadata
# are not included
# [http::]>sh Received HTTP request headers size
# [http::]<sh Sent HTTP reply headers size
# [http::]st Request+Reply size including HTTP headers
# [http::]<sH Reply high offset sent
# [http::]<sS Upstream object size
# [http::]<pt Peer response time in milliseconds. The timer starts
# when the last request byte is sent to the next hop
# and stops when the last response byte is received.
# [http::]<tt Total server-side time in milliseconds. The timer
# starts with the first connect request (or write I/O)
# sent to the first selected peer. The timer stops
# with the last I/O with the last peer.
#logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
#logformat squidmime %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
#logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st %Ss:%Sh
#logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
#Default:
# none
{} modifier or argument. Also used to specify header names
> request (client) 客户请求
< reply (server) 服务端回应
a address 访问用户ip地址
A address name 访问用户电脑名称
h all headers 浏览器头信息
i ident
p port 端口
r request line (no query)
t time 访问时间
u user
l local address/port (where request was accepted)
自己squid配置文件日志格式定义如下:
logformat cccdn %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st %tr "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
squid/缓存 | 评论:0
| Trackbacks:0
| 阅读:871
Submitted by admin on 2012, March 6, 6:23 PM
linux | 评论:0
| Trackbacks:0
| 阅读:922