HTTP Anti-Virus Proxy http://havp.hege.li/forum/ |
|
Why my HAVP is so slow http://havp.hege.li/forum/viewtopic.php?f=3&t=666 |
Page 1 of 1 |
Author: | iskaldvind [ 30 Dec 2011 12:25 ] |
Post subject: | Why my HAVP is so slow |
Good day! I have a Squid3+ClamAv+HAVP installed on my Ubuntu 10.04 server with 4Gb RAM. There are about 400 users in our company and an internet channel of 100Mbit/s. The S+C+H group do not load system even at half, but internet connections is terribly slow - web pages like google.com loads about 10-15 seconds. When I turn off HAVP and make S+C working - any web page loads in a moments. ----------------------------------------------- Squid configuration: Code: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain="****.RU" auth_param ntlm children 100 auth_param ntlm keep_alive on acl CONNECT method CONNECT acl localnet src 10.105.6.0/24 acl localnet src 172.16.0.0/16 acl localnet src 192.168.0.0/16 acl _sams_4ea7cad44302c proxy_auth "/etc/squid/4ea7cad44302c.sams" acl _sams_4ea7cad44302c_time time MTWHFAS 00:00-23:59 acl manager proto cache_object acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http http_access allow _sams_4ea7cad44302c _sams_4ea7cad44302c_time http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all http_port 192.168.2.3:3128 cache_peer 127.0.0.1 parent 3127 0 default no-query logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt access_log /var/log/squid/access.log squid cache_log /var/log/squid/cache.log coredump_dir /var/cache refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 memory_pools off forwarded_for on HAVP configuration: Code: ACCESSLOG=/var/log/havp/access.log ARCAVIRSOCKET=/var/run/arcavird.socket ARCAVIRVERSION=2007 AVASTPORT=5036 AVASTSERVER= AVASTSOCKET=/var/run/avast4/local.sock AVESOCKET=/var/run/aveserver AVGPORT=55555 AVGSERVER=127.0.0.1 BIND_ADDRESS=127.0.0.1 BLACKLIST=/etc/havp/blacklist CLAMBLOCKBROKEN=FALSE CLAMBLOCKENCRYPTED=FALSE CLAMBLOCKMAX=FALSE CLAMDBDIR=/var/lib/clamav CLAMDPORT=3310 CLAMDSERVER= CLAMDSOCKET=/tmp/clamd CLAMMAXFILES=50 CLAMMAXFILESIZE=10 CLAMMAXRECURSION=2 CLAMMAXSCANSIZE=20 DAEMON=TRUE DBRELOAD=60 DISABLELOCKINGFOR=ClamAV:BinHex ClamAV:PDF ClamAV:ZIP AVG:ALL DISPLAYINITIALMESSAGES=TRUE DRWEBHEURISTIC=TRUE DRWEBMALWARE=TRUE DRWEBPORT=3000 DRWEBSERVER= DRWEBSOCKET=/var/drweb/run/.daemon ENABLEARCAVIR=FALSE ENABLEAVAST=FALSE ENABLEAVESERVER=FALSE ENABLEAVG=FALSE ENABLECLAMD=FALSE ENABLECLAMLIB=TRUE ENABLEDRWEB=FALSE ENABLEFPROT=FALSE ENABLENOD32=FALSE ENABLESOPHIE=FALSE ENABLETROPHIE=FALSE ERRORLOG=/var/log/havp/error.log FAILSCANERROR=FALSE FORWARDED_IP=TRUE FPROTOPTIONS= FPROTPORT=10200 FPROTSERVER=127.0.0.1 GROUP=havp IGNOREVIRUS= KEEPBACKBUFFER=200000 KEEPBACKTIME=5 LOGLEVEL=1 LOG_OKS=FALSE MAXDOWNLOADSIZE=0 MAXSCANSIZE=5000000 MAXSERVERS=80 NOD32SOCKET=/tmp/nod32d.sock NOD32VERSION=25 PARENTPORT=0 PARENTPROXY= PIDFILE=/var/run/havp/havp.pid PORT=3127 PRELOADZIPHEADER=TRUE RANGE=TRUE SCANIMAGES=TRUE SCANNERTIMEOUT=5 SCANTEMPFILE=/var/spool/havp/havp-XXXXXX SERVERNUMBER=60 SOPHIESOCKET=/var/run/sophie SOURCE_ADDRESS= STREAMSCANSIZE=20000 STREAMUSERAGENT= SYSLOGFACILITY=daemon SYSLOGLEVEL=info SYSLOGNAME=havp SYSLOGVIRUSLEVEL=warning TEMPDIR=/var/spool/havp TEMPLATEPATH=/etc/havp/templates/ru TRANSPARENT=FALSE TRICKLING=30 TRICKLINGBYTES=1 TROPHIEMAXFILES=50 TROPHIEMAXFILESIZE=10 TROPHIEMAXRATIO=250 USER=havp USESYSLOG=FALSE WHITELIST=/etc/havp/whitelist WHITELISTFIRST=TRUE X_FORWARDED_FOR=FALSE HAVP error.log: Code: ...
30/12/2011 12:28:01 (192.168.2.206) Could not send body to browser 30/12/2011 12:28:02 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80) 30/12/2011 12:28:02 (192.168.4.102) Could not send body to browser 30/12/2011 12:28:03 (192.168.4.171) Could not send body to browser 30/12/2011 12:28:03 (192.168.6.217) Could not send body to browser 30/12/2011 12:28:05 (94.100.187.197) Could not read server header (192.168.4.150/rs.mail.ru:80) 30/12/2011 12:28:10 (192.168.4.98) Could not send body to browser 30/12/2011 12:28:10 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80) 30/12/2011 12:28:11 (192.168.2.205) Could not send body to browser 30/12/2011 12:28:14 (127.0.0.1) Invalid request from browser 30/12/2011 12:28:14 (192.168.4.171) Could not send body to browser 30/12/2011 12:28:15 (192.168.6.217) Could not send body to browser 30/12/2011 12:28:15 (94.100.187.197) Could not read server header (10.105.6.119/rs.mail.ru:80) 30/12/2011 12:28:16 (192.168.2.205) Could not send body to browser 30/12/2011 12:28:19 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80) 30/12/2011 12:28:23 (87.248.207.253) Could not read server header (192.168.6.209/cdn.eyewonder.com:80) 30/12/2011 12:28:24 (192.168.4.102) Could not send body to browser 30/12/2011 12:28:25 (94.100.187.167) Could not read server header (192.168.2.205/img.imgsmail.ru:80) 30/12/2011 12:28:26 (192.168.4.158) Could not send body to browser 30/12/2011 12:28:27 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80) 30/12/2011 12:28:27 (78.140.152.30) Could not read server header (10.105.6.138/im1-tub.com:80) 30/12/2011 12:28:28 (192.168.4.171) Could not send body to browser 30/12/2011 12:28:30 (192.168.6.217) Could not send body to browser 30/12/2011 12:28:30 (192.168.4.102) Could not send body to browser 30/12/2011 12:28:30 (10.105.6.86) Could not send body to browser 30/12/2011 12:28:30 (10.105.6.86) Could not send body to browser 30/12/2011 12:28:31 (192.168.2.205) Could not send body to browser 30/12/2011 12:28:35 (81.19.85.116) Could not read server header (192.168.2.162/lenta.ru:80) 30/12/2011 12:28:41 (192.168.4.171) Could not send body to browser 30/12/2011 12:28:41 (10.105.6.138) Could not send body to browser 30/12/2011 12:28:43 (192.168.6.217) Could not send body to browser 30/12/2011 12:28:43 (192.168.2.205) Could not send body to browser 30/12/2011 12:28:46 (192.168.14.29) Could not send body to browser 30/12/2011 12:28:51 (192.168.4.144) Could not send body to browser 30/12/2011 12:28:51 (192.168.2.205) Could not send body to browser 30/12/2011 12:28:51 (192.168.4.171) Could not send body to browser 30/12/2011 12:28:52 (192.168.6.217) Could not send body to browser 30/12/2011 12:28:55 (192.168.4.98) Could not send body to browser 30/12/2011 12:29:34 (10.105.6.140) Could not send body to browser ... |
Page 1 of 1 | All times are UTC + 2 hours [ DST ] |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |