-   Linux - Software (
-   -   Squid / DansGuardian / HavP SLOW! Optimisation tips, please! (

Paulsuk 05-21-2006 03:49 AM

Squid / DansGuardian / HavP SLOW! Optimisation tips, please!

I have a small home network (1 busybox server running LFS6.0 and 4 wireless clients running XP, 2 laptop and 2 desktop). The desktop machines are in the kids bedrooms and access the 'net through a SQUID->Dan's Guardian->HavP chain.

As it stands, I have set up the system in a slightly odd order because I want to be able to get reports on what the kids are doing on the 'net. I also want to be able to control which hours of the day they can access it!

Now, the first thing to say is that the system works (sort of).

The kids PCs connect to SQUID on the busybox. I use authentication which means their usernames appear in the logs which are then analysed with SQUINT.

SQUID then passes the request (if required) upstream to Dan's Guardian to filter out anything unsuitable. I use them in this order because (AFAIK) Dan's Guardian can't log usernames and also can't pass the authentication request through. I also think it makes sense to block a suspect site from even being cached!

Dan's Guardian then passes the request off to HavP which gets the download and scans it for viruses (using ClamAV). I went for this for 2 reasons: 1) Obviously, virus scanning is a good idea, particularly when you have XP in the picture. 2) AFAIK Dan's Guardian has to connect to some sort of upstream proxy, so I needed something there!

Now, this system is very, very slow. My eldest has stopped using the 'net (no bad thing, I feel!) as he complains that it can take up to 5 minutes to get a page. (Same page loads in a few seconds if the proxy setup is bypassed). Alternatively, (and recently more frequently) you simply get an error saying

The requested URL could not be retrieved


While trying to retrieve the URL: NONE://

The following error was encountered:

Zero Sized Reply
Squid did not receive any data for this request.

Your cache administrator is webmaster.

Where do I start? Which logs would be the best to look at first? I've tried looking at TOP on the server while he is surfing and this doesn't seem to say much. I suspect I have mis-configured something somewhere and it's actually something waiting to timeout, but what?

I don't want to clog up the forum with unneccessary logfiles and config files, so if anyone is able to help, let me know what to post (or I'm obviously happy to e-mail them to you if it is easier!)



slackspider 11-07-2006 09:38 PM

Hi Paul,

I don't know if you have this issue solved, but let me share my experience with you. I have a similar network and conditions configured as yours and was facing the same problem. My machine was a very slow machine (a 233MHz pentium mmx with 128Mb ram) but it handled squid very well before I configured dansguardian with clamav. Just for the record I used SARG for viewing user access reports and I am using slackware 10.2

I have solved this by disabling almost all phrase and word comparising. It was consuming too much cpu on the gateway and delaying a lot the viewing of webpages. By default a lot of this configuration is enabled and many are not that necessary. You can have an acl blocking porn sites using a black list provided by a website instead of this word comparising, and it would be much easier on the machine. I'm not sure what machine you are using as gateway for your home lan, but I guess it is an old one too? :)

Anyway, check the files on /etc/dansguardian (my config directory for dansguardian) and take a look at the dansguardianf1.conf. There are good options to disable and gain performance there. Each time you disable something, try restarting dansguardian. That way you will know what made difference.

Even this 233MHz oldie does not take much more time on pages that are not on the cache than the ones that are already there to download. But the word analysis was too much for her ;)

Hope I have helped.


Paulsuk 11-09-2006 02:58 PM

Thanks for that, and I'll certainly have a close look at what you suggest.

In fact, it turned out that my ClamAV was mis-configured so HavP was timing waiting in vain and then finally timing out and passing the request through. In the meantime, in some cases, Squid was giving up (hence the error message). I re-installed ClamAV and it all started to work ok :-)

At the time I posted, I was running a PII 450 with 392Mb RAM.

I've not come across SARG, any good?


All times are GMT -5. The time now is 01:29 AM.