|
|
|
|
| Компьютерный форум OSzone.net » Linux и FreeBSD » Общий по Linux » Mandriva/Mandrake - Squid + squidclamav + ClamAv - жутко тормозим |
|
|
Mandriva/Mandrake - Squid + squidclamav + ClamAv - жутко тормозим
|
|
Старожил Сообщения: 201 |
В качестве шлюза использую компьютер с Mandriva Linux 2007 PowerPack+. На нем стоит прозрачный прокси Squid.
Для проверки http траффика из инета в локальную сеть установил на шлюзе squidclamav, настроил в Squid редиректор: Код:
 redirect_program /usr/local/squidclamav/bin/squidclamav redirect_children 15 Код:
LogFile /var/log/clamav/clamd.log LogTime yes LogVerbose yes PidFile /var/run/clamav/clamd.pid TemporaryDirectory /var/lib/clamav/tmp DatabaseDirectory /var/lib/clamav LocalSocket /var/lib/clamav/clamd.socket FixStaleSocket yes TCPSocket 3310 TCPAddr 127.0.0.1 # Maximum number of threads running at the same time. # Default: 10 MaxThreads 64 ReadTimeout 300 FollowDirectorySymlinks yes FollowFileSymlinks yes # Run as another user (clamd must be started by root for this option to work) # Default: don't drop privileges User clamav # Initialize supplementary group access (clamd must be started by root). # Default: no AllowSupplementaryGroups yes ScanPE yes # Executable and Linking Format is a standard format for UN*X executables. # This option allows you to control the scanning of ELF files. # Default: yes ScanELF yes # This option enables scanning of OLE2 files, such as Microsoft Office # documents and .msi files. # Default: yes ScanOLE2 yes # Enable internal e-mail scanner. # Default: yes ScanMail yes # Perform HTML normalisation and decryption of MS Script Encoder code. # Default: yes ScanHTML yes # ClamAV can scan within archives and compressed files. # Default: yes ScanArchive yes Конфиг для Squidclamav: Код:
squidclamav.patterns.dist
# The ordering of lines is this file is critical
# Lines have the form:
# regex|regexi pattern
# abort|aborti pattern
#
redirect http://192.168.0.254/cgi-bin/clwarn.cgi
logfile /var/log/squid/squidclamav.log
# proxy http://127.0.0.1:3128
debug 0
force 1
timeout 60
clamd_ip 127.0.0.1
clamd_port 3310
# clamd_local /var/run/clamav/clamd.ctl
stat 1
abort ^.*\.gz$
abort ^.*\.bz2$
abort ^.*\.pdf$
#abort ^.*\.js$
abort ^.*\.html$
abort ^.*\.css$
#abort ^.*\.xml$
#abort ^.*\.xsl$
#abort ^.*\.js$
abort ^.*\.ico$
aborti ^.*\.gif$
aborti ^.*\.png$
aborti ^.*\.jpg$
#aborti ^.*\.swf$
content ^.*application\/.*$
regexi ^.*\.dll$
сайты стали грузиться с черепашьей скоростью. К примеру rbc.ru на компьютере в локальной сети грузился десять минут. Смотрю логи. Приведу часть clamd.log: Код:
Thu Mar 13 09:49:03 2008 -> Accepted connection on port 1846, fd 8 Thu Mar 13 09:49:03 2008 -> Accepted connection on port 1732, fd 12 Thu Mar 13 09:49:03 2008 -> Accepted connection on port 1586, fd 20 Thu Mar 13 09:49:03 2008 -> Accepted connection on port 1378, fd 64 Thu Mar 13 09:49:04 2008 -> Accepted connection on port 1949, fd 20 Thu Mar 13 09:49:04 2008 -> Accepted connection on port 1715, fd 24 Thu Mar 13 09:49:04 2008 -> Accepted connection on port 1724, fd 28 Thu Mar 13 09:49:05 2008 -> Accepted connection on port 1512, fd 36 Thu Mar 13 09:49:05 2008 -> Accepted connection on port 1632, fd 40 Thu Mar 13 09:49:05 2008 -> Accepted connection on port 1140, fd 12 Thu Mar 13 09:49:05 2008 -> Accepted connection on port 1253, fd 44 Thu Mar 13 09:49:05 2008 -> Accepted connection on port 1606, fd 48 Thu Mar 13 09:49:05 2008 -> Accepted connection on port 1695, fd 56 Thu Mar 13 09:49:05 2008 -> Accepted connection on port 1348, fd 64 Thu Mar 13 09:50:01 2008 -> Accepted connection on port 1375, fd 8 Thu Mar 13 09:50:01 2008 -> stream 1375: Eicar-Test-Signature FOUND Thu Mar 13 09:55:01 2008 -> Accepted connection on port 1852, fd 8 Thu Mar 13 09:55:01 2008 -> stream 1852: Eicar-Test-Signature FOUND Thu Mar 13 10:00:01 2008 -> Accepted connection on port 1039, fd 8 Thu Mar 13 10:00:01 2008 -> stream 1039: Eicar-Test-Signature FOUND Thu Mar 13 10:05:01 2008 -> SelfCheck: Database status OK. Thu Mar 13 10:05:01 2008 -> Accepted connection on port 1847, fd 8 Thu Mar 13 10:05:01 2008 -> stream 1847: Eicar-Test-Signature FOUND Thu Mar 13 10:10:01 2008 -> Accepted connection on port 2043, fd 8 Thu Mar 13 10:10:01 2008 -> stream 2043: Eicar-Test-Signature FOUND Thu Mar 13 10:15:01 2008 -> Accepted connection on port 1948, fd 8 Thu Mar 13 10:15:01 2008 -> stream 1948: Eicar-Test-Signature FOUND Thu Mar 13 10:20:01 2008 -> Accepted connection on port 1112, fd 8 Thu Mar 13 10:20:01 2008 -> stream 1112: Eicar-Test-Signature FOUND Thu Mar 13 10:25:01 2008 -> Accepted connection on port 1227, fd 8 Thu Mar 13 10:25:01 2008 -> stream 1227: Eicar-Test-Signature FOUND Thu Mar 13 10:30:01 2008 -> Accepted connection on port 1300, fd 8 Thu Mar 13 10:30:01 2008 -> stream 1300: Eicar-Test-Signature FOUND Смотрю лог Squidclamav: Код:
ttp://pics.rbc.ru/5e89k3j/ty5a3/djbefntrbs/fhchfjhqgser/234-200_rbk.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dtop_top.20080307113605.72759%26lid%3Dtop_top%26id%3D72759%26code%3D%21http%3A//ad.adriver.ru/cgi-bin/click.cgi%3Fsid%3D1%26ad%3D121019%26bt%3D37%26pid%3D219377%26bid%3D416304%26bn%3D416304%26rnd%3D801811192%26bn%3D416304&seed=35228 Thu Mar 13 09:49:03 2008 [30105] ERROR CURLOPT_ERRORBUFFER: Operation timed out after 60 seconds with 0 bytes received Thu Mar 13 09:49:03 2008 [30105] STAT Total process time 118.375 second(s) Thu Mar 13 09:49:03 2008 [30103] STAT Virus Scanning process time 58.953 second(s) Thu Mar 13 09:49:03 2008 [30103] STAT Total process time 59.232 second(s) Thu Mar 13 09:49:04 2008 [30095] ERROR fail downloading url http://pics.rbc.ru/1ewm9v2j/ye/a2t/ebgicvpoymk/fhjhbiaohlir/234-200_sareevo_1.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dtop_economics.20080307112043.79718%26lid%3Dtop_economics%26id%3D79718%26code%3D%21http%253A%252F%252Fwww.artgrad.info%252F&seed=51299 Thu Mar 13 09:49:04 2008 [30095] ERROR CURLOPT_ERRORBUFFER: Operation timed out after 60 seconds with 0 bytes received Thu Mar 13 09:49:04 2008 [30095] STAT Total process time 119.329 second(s) Thu Mar 13 09:49:04 2008 [30096] ERROR fail downloading url http://pics.rbc.ru/img/banners/show_flash.js Thu Mar 13 09:49:04 2008 [30096] ERROR CURLOPT_ERRORBUFFER: Operation timed out after 60 seconds with 0 bytes received Thu Mar 13 09:49:04 2008 [30096] STAT Total process time 119.322 second(s) Thu Mar 13 09:49:04 2008 [30093] STAT Virus Scanning process time 0.632 second(s) Thu Mar 13 09:49:04 2008 [30093] STAT Total process time 1.291 second(s) Thu Mar 13 09:49:04 2008 [30104] ERROR fail downloading url http://pics.rbc.ru/1ewm9v2j/ye/a2t/ebgicvpoymk/fhjhbiaohlir/234-200_sareevo_1.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dtop_economics.20080307112043.79718%26lid%3Dtop_economics%26id%3D79718%26code%3D%21http%253A%252F%252Fwww.artgrad.info%252F&seed=51299 Thu Mar 13 09:49:04 2008 [30104] ERROR CURLOPT_ERRORBUFFER: Operation timed out after 60 seconds with 5544 out of 19391 bytes received Thu Mar 13 09:49:04 2008 [30104] STAT Total process time 60.080 second(s) Thu Mar 13 09:49:04 2008 [30104] STAT Total process time 0.000 second(s) Thu Mar 13 09:49:04 2008 [30104] STAT Total process time 0.000 second(s) Thu Mar 13 09:49:04 2008 [30103] STAT Total process time 0.656 second(s) Thu Mar 13 09:49:04 2008 [30098] ERROR fail downloading url http://pics.rbc.ru/1ewm9v2j/ye/a2t/ebgicvpoymk/fhjhbiaohlir/234-200_sareevo_1.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dtop_economics.20080307112043.79718%26lid%3Dtop_economics%26id%3D79718%26code%3D%21http%253A%252F%252Fwww.artgrad.info%252F&seed=51299 Thu Mar 13 09:49:04 2008 [30098] ERROR CURLOPT_ERRORBUFFER: Operation timed out after 60 seconds with 0 bytes received Thu Mar 13 09:49:04 2008 [30098] STAT Total process time 60.284 second(s) Thu Mar 13 09:49:04 2008 [30098] STAT Total process time 0.000 second(s) Thu Mar 13 09:49:04 2008 [30100] STAT Virus Scanning process time 59.955 second(s) Thu Mar 13 09:49:04 2008 [30100] STAT Total process time 60.240 second(s) Thu Mar 13 09:49:05 2008 [30101] ERROR fail downloading url http://pics.rbc.ru/img/banners/show_flash.js Thu Mar 13 09:49:05 2008 [30101] ERROR CURLOPT_ERRORBUFFER: Operation timed out after 60 seconds with 0 bytes received Thu Mar 13 09:49:05 2008 [30101] STAT Total process time 60.051 second(s) Thu Mar 13 09:49:05 2008 [30106] STAT Virus Scanning process time 1.669 second(s) Thu Mar 13 09:49:05 2008 [30106] STAT Total process time 2.323 second(s) Thu Mar 13 09:49:05 2008 [30105] STAT Virus Scanning process time 1.955 second(s) Thu Mar 13 09:49:05 2008 [30105] STAT Total process time 2.619 second(s) Thu Mar 13 09:49:05 2008 [30101] STAT Total process time 0.570 second(s) Thu Mar 13 09:49:52 2008 [30096] ERROR fail downloading url http://pics.rbc.ru/1ewm9v2j/ye/a2t/ebgicvpoymk/fhjhbiaohlir/234-200_sareevo_1.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dtop_economics.20080307112043.79718%26lid%3Dtop_economics%26id%3D79718%26code%3D%21http%253A%252F%252Fwww.artgrad.info%252F&seed=51299 Thu Mar 13 09:49:52 2008 [30096] ERROR CURLOPT_ERRORBUFFER: couldn't connect to host Thu Mar 13 09:49:52 2008 [30096] STAT Total process time 48.128 second(s) Thu Mar 13 09:49:52 2008 [30093] ERROR fail downloading url http://pics.rbc.ru/img/banners/show_flash.js Thu Mar 13 09:49:52 2008 [30093] ERROR CURLOPT_ERRORBUFFER: couldn't connect to host Thu Mar 13 09:49:52 2008 [30093] STAT Total process time 47.833 second(s) Thu Mar 13 09:49:52 2008 [30106] ERROR fail downloading url http://pics.rbc.ru/qe8/9d/j/gya1a1/cddvnpahs/fejcjbyslujp/davidoff_234-100-3.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dfirstpage_graph2.20080311142131.49291%26lid%3Dfirstpage_graph2%26id%3D49291%26code%3D%21http%253A%252F%252Fdavidoff-parfums.ru%252F&seed=52835 Thu Mar 13 09:49:52 2008 [30106] ERROR CURLOPT_ERRORBUFFER: couldn't connect to host Thu Mar 13 09:49:52 2008 [30106] STAT Total process time 46.802 second(s) Thu Mar 13 09:49:52 2008 [30100] ERROR fail downloading url http://pics.rbc.ru/img/banners/show_flash.js Thu Mar 13 09:49:52 2008 [30100] ERROR CURLOPT_ERRORBUFFER: couldn't connect to host Thu Mar 13 09:49:52 2008 [30100] STAT Total process time 47.147 second(s) Thu Mar 13 09:49:52 2008 [30105] ERROR fail downloading url http://pics.rbc.ru/jev/9/1jzy1/a9n/deefwbdonr/fhjabbqjnmev/100p_60_1.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dbanner_news.20080303143450.79011%26lid%3Dbanner_news%26id%3D79011%26code%3D%21http%253A%252F%252Fwww.megafon.ru%252Fmain%252Ffederaloffer%252F&seed=24671 Thu Mar 13 09:49:52 2008 [30105] ERROR CURLOPT_ERRORBUFFER: couldn't connect to host Thu Mar 13 09:49:52 2008 [30104] ERROR fail downloading url http://pics.rbc.ru/ge/f90ajfy1ah/dijjygrxqs/fiaceiaaxlbh/baner_950-60_lenta_dynamic.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dfirstpage_end.20080312180149.80248%26lid%3Dfirstpage_end%26id%3D80248%26code%3D%21http%253A%252F%252Fwww.su155.ru%252Fru%252Fservice%252Fsale&seed=155 Thu Mar 13 09:49:52 2008 [30104] ERROR CURLOPT_ERRORBUFFER: Empty reply from server Thu Mar 13 09:49:52 2008 [30099] ERROR fail downloading url http://pics.rbc.ru/img/banners/show_flash.js Thu Mar 13 09:49:52 2008 [30104] STAT Total process time 47.740 second(s) Thu Mar 13 09:49:52 2008 [30099] ERROR CURLOPT_ERRORBUFFER: Empty reply from server Thu Mar 13 09:49:52 2008 [30099] STAT Total process time 107.520 second(s) Thu Mar 13 09:49:52 2008 [30102] ERROR fail downloading url http://pics.rbc.ru/pe4/9/7j5ychai/djbefntrbs/fiacfaufccxx/dell_banner_blue_static_server_rbcru_234-200_001.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dtop_left.20080312182236.80250%26lid%3Dtop_left%26id%3D80250%26code%3D%21http%253A%252F%252Fwww1.euro.dell.com%252Fcontent%252Fproducts%252Fcategory.aspx%252Fenterprise%253Fc%253Dru%2526cs%253Drubsdc%2526l%253Dru%2526s%253Dbsd&seed=35047 Thu Mar 13 09:49:52 2008 [30102] ERROR CURLOPT_ERRORBUFFER: Empty reply from server Thu Mar 13 09:49:52 2008 [30102] STAT Total process time 107.213 second(s) Thu Mar 13 09:49:52 2008 [30101] ERROR fail downloading url http://yabs.yandex.ru/resource/flashldr003.js Thu Mar 13 09:49:52 2008 [30101] ERROR CURLOPT_ERRORBUFFER: couldn't connect to host Thu Mar 13 09:49:52 2008 [30107] ERROR fail downloading url http://pics.rbc.ru/img/banners/show_flash.js Thu Mar 13 09:49:52 2008 [30101] STAT Total process time 46.501 second(s) Thu Mar 13 09:49:52 2008 [30107] ERROR CURLOPT_ERRORBUFFER: couldn't connect to host Thu Mar 13 09:49:52 2008 [30107] STAT Total process time 49.127 second(s) Thu Mar 13 09:49:52 2008 [30094] ERROR fail downloading url http://pics.rbc.ru/4e29zj/xy9/as3/ebgjgluqvuq/fhgbgdwalscy/mobilitymood_200-600_ru.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dbanner_right.20080130113452.76163%26lid%3Dbanner_right%26id%3D76163%26code%3D%21http%253A%252F%252Fbody.imho.ru%252Fclick.ng%252Fimpt%253Dimp%2526place%253Drbc_pixel%2526id%253D24010841%2526transactionId%253D571178&seed=22603 Thu Mar 13 09:49:52 2008 [30094] ERROR CURLOPT_ERRORBUFFER: Empty reply from server Thu Mar 13 09:49:52 2008 [30094] STAT Total process time 107.092 second(s) Thu Mar 13 09:49:52 2008 [30097] ERROR fail downloading url http://yabs.yandex.ru/resource/flashldr003.js Thu Mar 13 09:49:52 2008 [30097] ERROR CURLOPT_ERRORBUFFER: Empty reply from server Thu Mar 13 09:49:52 2008 [30097] STAT Total process time 107.534 second(s) Thu Mar 13 09:49:52 2008 [30095] ERROR fail downloading url http://pics.rbc.ru/5e89k3j/ty5a3/djbefntrbs/fhchfjhqgser/234-200_rbk.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dtop_top.20080307113605.72759%26lid%3Dtop_top%26id%3D72759%26code%3D%21http%3A//ad.adriver.ru/cgi-bin/click.cgi%3Fsid%3D1%26ad%3D121019%26bt%3D37%26pid%3D219377%26bid%3D416304%26bn%3D416304%26rnd%3D801811192%26bn%3D416304&seed=35228 Thu Mar 13 09:49:52 2008 [30095] ERROR CURLOPT_ERRORBUFFER: Empty reply from server Thu Mar 13 09:49:52 2008 [30098] ERROR fail downloading url http://pics.rbc.ru/ge/f90ajfy1ah/dijjygrxqs/fiaceiaaxlbh/baner_950-60_lenta_dynamic.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dfirstpage_end.20080312180149.80248%26lid%3Dfirstpage_end%26id%3D80248%26code%3D%21http%253A%252F%252Fwww.su155.ru%252Fru%252Fservice%252Fsale&seed=23757 Thu Mar 13 09:49:52 2008 [30095] STAT Total process time 48.136 second(s) Thu Mar 13 09:49:52 2008 [30098] ERROR CURLOPT_ERRORBUFFER: couldn't connect to host Thu Mar 13 09:49:52 2008 [30098] STAT Total process time 47.204 second(s) Thu Mar 13 09:49:52 2008 [30105] STAT Total process time 46.505 second(s) Thu Mar 13 09:49:52 2008 [30103] ERROR fail downloading url http://pics.rbc.ru/9e/9mjm/yoanj/djdhosddbf/fiacaistvwww/234-100.swf?link1=http%3A//banner.rbc.ru/banredir.cgi%3Fsid%3Dfirstpage_top.20080312122255.80208%26lid%3Dfirstpage_top%26id%3D80208%26code%3D%21http%253A%252F%252Fwww.carnival-kia.ru%252F&seed=11663 Thu Mar 13 09:49:52 2008 [30103] ERROR CURLOPT_ERRORBUFFER: couldn't connect to host Thu Mar 13 09:49:52 2008 [30103] STAT Total process time 47.504 second(s) Почему ERROR CURLOPT_ERRORBUFFER, и что это значит? Может это и есть причина тормозов? Или что-то не так в конфигах? Помогите пожалуйста! |
|
|
Отправлено: 19:38, 16-03-2008 |
|
Участник сейчас на форуме |
 |
Участник вне форума |
 |
Автор темы |
 |
Сообщение прикреплено |
| |||||
| Название темы | Автор | Информация о форуме | Ответов | Последнее сообщение | |
| Debian/Ubuntu - ClamAV | RZEV | Общий по Linux | 10 | 17-07-2009 09:01 | |
| Разное - Жутко тормозит система | Yazago | Microsoft Windows 2000/XP | 4 | 05-07-2008 22:55 | |
| Жутко тормозит сервер | What_This | Microsoft Windows NT/2000/2003 | 21 | 30-12-2006 11:42 | |
| Вопрос по Clamav | psytech | Общий по FreeBSD | 11 | 11-09-2004 16:11 | |
| Жутко гючит комп | Minog | Непонятные проблемы с Железом | 12 | 14-07-2003 16:03 | |
|
|
Время: 08:02. | © OSzone.net 2001-
|
|
Powered by: vBulletin Copyright ©2000 - 2025, Jelsoft Enterprises Ltd. |
