Ini pertama kalinya saya install proxy. Saya install squid LUSCA_HEAD-r14809. Sebagai nubie saya asal ngikut tutorial aja dan tidak paham teori-teorinya :D Jadinya, pas terjadi eror, pusinglah saya tak tau harus berbuat apa (halah lebay).
Oke, cukup curhatnya, intinya sekarang saya mau share saja informasi-informasi yang ada di access.log. untuk listening proxy kita. Untuk listening kita bisa pakai perintah tail -f. Misalnya file access.log saya ada di directory var/log/squid, maka saya masukan perintah berikut :
Setelah masukkan perintah tadi kita dapat informasi misalnya seperti gambar berikut
nah, karena masih neubie, saya bingung membaca informasi-informasi tersebut.
Akhirnya saya dapat informasi keterangan dari informasi-informasi tersebut dari sini
Berikut saya tempelkan informasinya
Native Format (emulate_httpd_log off)
Oke, cukup curhatnya, intinya sekarang saya mau share saja informasi-informasi yang ada di access.log. untuk listening proxy kita. Untuk listening kita bisa pakai perintah tail -f. Misalnya file access.log saya ada di directory var/log/squid, maka saya masukan perintah berikut :
tail -f /var/log/squid/access.logbiar informasi yang ditampilkan bisa warna-warni indah dipandang mata dan lebih utama yaitu mudah membacanya, maka tambahkan ccze, jadi seperti ini
tail -f /var/log/squid/access.log | cczetp sebelumnya install ccze nya bisa dari packagenya langsung. Tapi apa itu ccze? lain kali insyaAlloh saya juga postingin itu biar saya ga lupa. tapi kali ini, access.log dulu deh.
Setelah masukkan perintah tadi kita dapat informasi misalnya seperti gambar berikut
nah, karena masih neubie, saya bingung membaca informasi-informasi tersebut.
Akhirnya saya dapat informasi keterangan dari informasi-informasi tersebut dari sini
Berikut saya tempelkan informasinya
Native Format (emulate_httpd_log off)
Timestamp Elapsed Client Action/Code Size Method URI Ident Hierarchy/From Content
Common Format (emulate_httpd_log on)
Client Ident - [Timestamp1] "Method URI" Type Size
with:
dengan keterangan sebagai berikut:
Timestamp
| The time when the request is completed (socket closed). The format is "Unix time" (seconds since Jan 1, 1970) with millisecond resolution. |
Timestamp1
| When the request is completed (Day/Month/CenturyYear:Hour:Minute:Second GMT-Offset) |
Elapsed
| The elapsed time of the request, in milliseconds. This is the time between the accept() and close() of the client socket. |
Client
| The IP address of the connecting client, or the FQDN if the 'log_fqdn' option is enabled in the config file. |
Action
| The Action describes how the request was treated locally (hit, miss, etc). All the tags are described below. |
Code
| The HTTP reply code taken from the first line of the HTTP reply header. For ICP requests this is always "000." If the reply code was not given, it will be logged as "555." |
Size
| For TCP requests, the amount of data written to the client. For UDP requests, the size of the request. (in bytes) |
Method
| The HTTP request method (GET, POST, etc), or ICP_QUERY for ICP requests. |
URI
| The requested URI. |
Ident
| The result of the RFC931/ident lookup of the client username. If RFC931/ident lookup is disabled (default: `ident_lookup off'), it is logged as - . |
Hierarchy
| A description of how and where the requested object was fetched. |
From
| Hostname of the machine where we got the object. |
Content
| Content-type of the Object (from the HTTP reply header). |
Action
| "TCP_" refers to requests on the HTTP port (3128) | |
|---|---|
| TCP_HIT | A valid copy of the requested object was in the cache. |
| TCP_MISS | The requested object was not in the cache. |
| TCP_REFRESH_HIT | An expired copy of the requested object was in the cache. Squid made an If-Modified-Since request and the response was "Not Modified." |
| TCP_REFRESH_FAIL_HIT | An expired copy of the requested object was in the cache. Squid attempted to make an If-Modified-Since request, but it failed. The old (stale) object was delivered to the client. |
| TCP_REFRESH_MISS | An expired copy of the requested object was in the cache. Squid made an If-Modified-Since request and received a new, different object. |
| TCP_CLIENT_REFRESH | The client issued a request with the "no-cache" pragma. ("reload" - handled as MISS) |
| TCP_IMS_HIT | An If-Modified-Since GET request was received from the client. A valid copy of the object was in the cache (fresh). |
| TCP_IMS_MISS | An If-Modified-Since GET request was received from the client. The requested object was not in the cache (stale). |
| TCP_SWAPFAIL | The object was believed to be in the cache, but could not be accessed. |
| TCP_DENIED | Access was denied for this request. |
| "UDP_" refers to requests on the ICP port (3130) | |
|---|---|
| UDP_HIT | A valid copy of the requested object was in the cache |
| UDP_HIT_OBJ | Same as UDP_HIT, but the object data was small enough to be sent in the UDP reply packet. Saves the following TCP request. |
| UDP_MISS | The requested object was not in the cache |
| UDP_DENIED | Access was denied for this request |
| UDP_INVALID | An invalid request was received. |
| UDP_RELOADING | The neighbor cache is reloading its disk store metadata and does not want any TCP requests for MISSES until it is finished. |
| Errors | |
|---|---|
| ERR_READ_TIMEOUT | The remote site or network is unreachable - may be down. |
| ERR_LIFETIME_EXP | The remote site or network may be too slow or down. |
| ERR_NO_CLIENTS_BIG_OBJ | All Clients went away before tranmission completed and the object is too big to cache. |
| ERR_READ_ERROR | The remote site or network may be down. |
| ERR_CLIENT_ABORT | Client dropped connection before transmission completed. Squid fetches the Object according to its settings for `quick_abort'. |
| ERR_CONNECT_FAIL | The remote site or server may be down. |
| ERR_INVALID_REQ | Invalid HTTP request |
| ERR_UNSUP_REQ | Unsupported request |
| ERR_INVALID_URL | Invalid URL syntax |
| ERR_NO_FDS | Out of file descriptors |
| ERR_DNS_FAIL | DNS name lookup failure |
| ERR_NOT_IMPLEMENTED | Protocol Not Supported |
| ERR_CANNOT_FETCH | The requested URL can not currently be retrieved. |
| ERR_NO_RELAY | There is no WAIS relay host defined for this cache. |
| ERR_DISK_IO | The system disk is out of space or failing. |
| ERR_ZERO_SIZE_OBJECT | The remote server closed the connection before sending any data. |
| ERR_FTP_DISABLED | This cache is configured to NOT retrieve FTP objects. |
| ERR_PROXY_DENIED | Access Denied. The user must authenticate himself before accessing this cache. |
Methodes
| GET | Request URL |
| HEAD | Request only HTTP headers of the supplied URL and no document body |
| POST | Transfer data to the supplied URL |
| PUT | Store data under the supplied URL |
| CONNECT | Forward data to SSL-Server:Port |
| ICP_QUERY | Request from a Parent/Neighbor for the supplied URL |
| NONE | Request of an unsupported method |
Hierarchy
| NONE | The object requested by a sibling, was not in my cache. |
| DIRECT | The object has been requested from the origin server. |
| SIBLING_HIT | The object was requested from a neighbor cache which replied with a UDP_HIT (formerly logged as NEIGHBOR_HIT). |
| PARENT_HIT | The object was requested from a parent cache which replied with a UDP_HIT. |
| DEFAULT_PARENT | The object was requested from a default parent cache appropriate for this URL. |
| SINGLE_PARENT | The object was requested from the only parent cache appropriate for this URL. |
| FIRST_UP_PARENT | The object has been requested from the first available parent in your list. |
| NO_PARENT_DIRECT | The object was requested from the origin server because no parent caches exist for the URL. |
| FIRST_PARENT_MISS | The object has been requested from the parent cache with the fastest weighted round trip time. |
| ROUNDROBIN_PARENT | No ICP queries were received from any parent caches. This parent was chosen because it was marked as 'default' in the config file and it had the lowest round-robin use count. |
| CLOSEST_PARENT_MISS | This parent was selected because it included the lowest RTT measurement to the origin server. This only appears with 'query_icmp on' set in the config file. |
| CLOSEST_DIRECT | The object was fetched directly from the origin server because this cache measured a lower RTT than any of the parent caches. |
| LOCAL_IP_DIRECT | The object has been requested from the origin server because the origin host IP address matched your 'local_ip' list. |
| FIREWALL_IP_DIRECT | The object has been requested from the origin server because the origin host IP address is inside your firewall. |
| NO_DIRECT_FAIL | The object could not be requested because of firewall restrictions and no parent caches were available. |
| SOURCE_FASTEST | The object was requested from the origin server because the 'source_ping' reply arrived first. |
| SIBLING_UDP_HIT_OBJ | The object was received in a UDP_HIT_OBJ reply from a neighbor cache (formerly logged as UDP_HIT_OBJ). |
| PARENT_UDP_HIT_OBJ | The object was received in a UDP_HIT_OBJ reply from a parent cache (formerly logged as UDP_HIT_OBJ). |
| PASSTHROUGH_PARENT | The neighbor or proxy defined in the config option 'passthrough_proxy' was used. |
| SSL_PARENT_MISS | The neighbor or proxy defined in the config option 'ssl_proxy' was used. |
Semoga bermanfaat ^_^
No comments:
Post a Comment