The router has iptables, and Squid is running on it.
Squid config:
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl server src 192.168.1.2
acl kireva src 192.168.1.0/255.255.255.0
acl olga src 192.168.1.11
acl irina src 192.168.1.5
acl nd src 192.168.1.4
acl kassa src 192.168.1.6
acl manager_kireva src 192.168.1.7
acl magazin_meln src 192.168.1.14
acl winmasta src 192.168.1.9
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow kireva
http_access deny all
icp_access deny all
htcp_access deny all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
cache_dir ufs /mnt/storage/cache/squid 2048 64 256
access_log /var/log/squid3/access.log
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
icp_port 3130
coredump_dir /var/spool/squid3
url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
I set everything up and it all works as it should. I installed squidGuard so that the computers can reach only the sites they need.
Here is the squidGuard config:
#
# CONFIG FILE FOR SQUIDGUARD
#
dbhome /var/lib/squidguard/db
logdir /var/log/squid
#
# TIME RULES:
# abbrev for weekdays:
# s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat
#time workhours {
# weekly mtwhf 08:00 - 16:30
# date *-*-01 08:00 - 16:30
#}
#
# REWRITE RULES:
#
#rew dmz {
# s@://admin/@://admin.foo.bar.no/@i
# s@://foo.bar.no/@://www.foo.bar.no/@i
#}
#
# SOURCE ADDRESSES:
#
src admin {
    ip 192.168.1.3
    ip 192.168.1.8
    ip 192.168.1.9
    ip 192.168.1.10
    # user root foo bar
    # within workhours
}
src nd {
    ip 192.168.1.4
}
src server {
    ip 192.168.1.2
}
#src foo-clients {
# ip 172.16.2.32-172.16.2.100 172.16.2.100 172.16.2.200
#}
#src bar-clients {
# ip 172.16.4.0/26
#}
#
# DESTINATION CLASSES:
#
dest bl {
    domainlist bl
}
dest nd {
    domainlist nd
}
dest server {
    domainlist server
}
dest local {
}
#dest adult {
# domainlist adult/domains
# urllist adult/urls
# expressionlist adult/expressions
# redirect http://admin.foo.bar.no/cgi-bin/squidGuard.cgi?clientaddr=%a+clientname=%n+clientident=%i+srcclass=%s+targetclass=%t+url=%u
#}
acl {
    admin {
        pass any
    }
    nd {
        pass nd bl none
    }
    server {
        pass bl server none
    }
    # foo-clients within workhours {
    # pass good !in-addr !adult any
    # } else {
    # pass any
    # }
    # bar-clients {
    # pass local none
    # }
    default {
        pass local bl
        # rewrite dmz
        redirect http://192.168.1.1
    }
}
The problem is this: at first everything works as it should, then on one of the next Squid restarts it fails to start, and this is what it writes to the logs:
Jul 5 12:47:31 server squid[13495]: Squid Parent: child process 13542 started
Jul 5 12:47:31 server squid[13542]: Starting Squid Cache version 3.0.STABLE19 for i486-pc-linux-gnu...
Jul 5 12:47:31 server squid[13542]: Process ID 13542
Jul 5 12:47:31 server squid[13542]: With 1024 file descriptors available
Jul 5 12:47:31 server squid[13542]: Performing DNS Tests...
Jul 5 12:47:31 server squid[13542]: Successful DNS name lookup tests...
Jul 5 12:47:31 server squid[13542]: DNS Socket created at 0.0.0.0, port 36621, FD 8
Jul 5 12:47:31 server squid[13542]: Adding nameserver 217.18.138.30 from /etc/resolv.conf
Jul 5 12:47:31 server squid[13542]: Adding nameserver 217.18.130.30 from /etc/resolv.conf
Jul 5 12:47:31 server squid[13542]: helperOpenServers: Starting 5/5 'squidGuard' processes
Jul 5 12:47:31 server squid[13542]: Unlinkd pipe opened on FD 18
Jul 5 12:47:31 server squid[13542]: Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
Jul 5 12:47:31 server squid[13542]: Swap maxSize 2097152 + 8192 KB, estimated 161949 objects
Jul 5 12:47:31 server squid[13542]: Target number of buckets: 8097
Jul 5 12:47:31 server squid[13542]: Using 8192 Store buckets
Jul 5 12:47:31 server squid[13542]: Max Mem size: 8192 KB
Jul 5 12:47:31 server squid[13542]: Max Swap size: 2097152 KB
Jul 5 12:47:31 server squid[13542]: Rebuilding storage in /mnt/storage/cache/squid (DIRTY)
Jul 5 12:47:31 server squid[13542]: Using Least Load store dir selection
Jul 5 12:47:31 server squid[13542]: Set Current Directory to /var/spool/squid3
Jul 5 12:47:31 server squid[13542]: Loaded Icons.
Jul 5 12:47:31 server squid[13542]: Accepting transparently proxied HTTP connections at 0.0.0.0, port 3128, FD 19.
Jul 5 12:47:31 server squid[13542]: Accepting ICP messages at 0.0.0.0, port 3130, FD 20.
Jul 5 12:47:31 server squid[13542]: HTCP Disabled.
Jul 5 12:47:31 server squid[13542]: Ready to serve requests.
Jul 5 12:47:31 server squid[13542]: WARNING: redirector #3 (FD 11) exited
Jul 5 12:47:31 server squid[13542]: WARNING: redirector #4 (FD 12) exited
Jul 5 12:47:31 server squid[13542]: WARNING: redirector #5 (FD 13) exited
Jul 5 12:47:31 server squid[13542]: WARNING: redirector #1 (FD 9) exited
Jul 5 12:47:31 server squid[13542]: Too few redirector processes are running
Jul 5 12:47:31 server squid[13542]: The redirector helpers are crashing too rapidly, need help!
Jul 5 12:47:31 server squid[13495]: Squid Parent: child process 13542 exited with status 1
Jul 5 12:47:31 server squid[13495]: Exiting due to repeated, frequent failures
If we disable squidGuard, everything works again. What's wrong?