journalctl -u squid
févr. 24 22:30:53 kooz1.odion-grenoble.fr systemd[1]: Stopped Squid caching proxy.
-- Reboot --
févr. 24 22:34:49 kooz1.odion-grenoble.fr systemd[1]: Starting Squid caching proxy.
févr. 24 22:34:49 kooz1.odion-grenoble.fr systemd[1]: Started Squid caching proxy.
avril 18 20:57:45 kooz1.odion-grenoble.fr systemd[1]: Stopping Squid caching proxy.
avril 18 20:57:48 kooz1.odion-grenoble.fr systemd[1]: Stopped Squid caching proxy.
-- Reboot --
avril 18 20:01:45 kooz1.odion-grenoble.fr systemd[1]: Starting Squid caching proxy.
avril 18 20:01:45 kooz1.odion-grenoble.fr squid[2101]: squid: ERROR: Could not send
avril 18 20:01:45 kooz1.odion-grenoble.fr systemd[1]: squid.service: control proces
avril 18 20:01:45 kooz1.odion-grenoble.fr systemd[1]: Failed to start Squid caching
avril 18 20:01:45 kooz1.odion-grenoble.fr systemd[1]: Unit squid.service entered fa
avril 18 20:01:45 kooz1.odion-grenoble.fr systemd[1]: squid.service failed.
-- Reboot --
mai 07 11:10:25 kooz1.odion-grenoble.fr systemd[1]: Starting Squid caching proxy...
mai 07 11:10:26 kooz1.odion-grenoble.fr systemd[1]: Started Squid caching proxy.
Donc ce ne serait pas lors des dernières màj mais lors des précédentes où, ayant beaucoup de retard dans les màj, il y a eu beaucoup de paquets màj.
Visualisation des fichiers journaux
/var/log/squid/squid.log: Affiché le sam 07 mai 2022 17:41:08 CEST.
May 7 11:10:26 kooz1 squid[2087]: Squid Parent: will start 1 kids
May 7 11:10:26 kooz1 squid[2087]: Squid Parent: (squid-1) process 2090 started
Le journal précédent date de février et il n'y a rien d'autre que dans celui-là.
Visualisation des fichiers journaux
/var/log/squid/cache.log: Affiché le sam 07 mai 2022 17:43:48 CEST.
2022/05/01 03:19:10| Current Directory is /
2022/05/02 01:51:01| Current Directory is /root
2022/05/03 01:51:01| Current Directory is /root
2022/05/04 01:51:02| Current Directory is /root
2022/05/05 01:51:01| Current Directory is /root
2022/05/06 01:51:02| Current Directory is /root
2022/05/07 01:51:01| Current Directory is /root
2022/05/07 11:10:26 kid1| Current Directory is /
2022/05/07 11:10:26 kid1| Starting Squid Cache version 3.5.20 for x86_64-redhat-linux-gnu...
2022/05/07 11:10:26 kid1| Service Name: squid
2022/05/07 11:10:26 kid1| Process ID 2090
2022/05/07 11:10:26 kid1| Process Roles: worker
2022/05/07 11:10:26 kid1| With 4096 file descriptors available
2022/05/07 11:10:26 kid1| Initializing IP Cache...
2022/05/07 11:10:26 kid1| DNS Socket created at 0.0.0.0, FD 6
2022/05/07 11:10:26 kid1| Adding domain odion-psygrenoble.fr from /etc/resolv.conf
2022/05/07 11:10:26 kid1| Adding nameserver 192.168.64.1 from /etc/resolv.conf
2022/05/07 11:10:26 kid1| Logfile: opening log /var/log/squid/access.log
2022/05/07 11:10:26 kid1| WARNING: log name now starts with a module name. Use 'stdio:/var/log/squid/access.log'
2022/05/07 11:10:26 kid1| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2022/05/07 11:10:26 kid1| Store logging disabled
2022/05/07 11:10:26 kid1| Swap maxSize 0 + 262144 KB, estimated 87381 objects
2022/05/07 11:10:26 kid1| Target number of buckets: 4369
2022/05/07 11:10:26 kid1| Using 8192 Store buckets
2022/05/07 11:10:26 kid1| Max Mem size: 262144 KB
2022/05/07 11:10:26 kid1| Max Swap size: 0 KB
2022/05/07 11:10:26 kid1| Using Least Load store dir selection
2022/05/07 11:10:26 kid1| Current Directory is /
2022/05/07 11:10:26 kid1| Finished loading MIME types and icons.
2022/05/07 11:10:26 kid1| HTCP Disabled.
2022/05/07 11:10:26 kid1| Squid plugin modules loaded: 0
2022/05/07 11:10:26 kid1| Adaptation support is off.
2022/05/07 11:10:26 kid1| Accepting HTTP Socket connections at local=192.168.64.1:3128 remote=[::] FD 9 flags=9
2022/05/07 11:10:26 kid1| Accepting HTTP Socket connections at local=127.0.0.1:3128 remote=[::] FD 10 flags=9
2022/05/07 11:10:26 kid1| Accepting NAT intercepted HTTP Socket connections at local=192.168.64.1:8080 remote=[::] FD 11 flags=41
2022/05/07 11:10:26 kid1| Accepting NAT intercepted HTTP Socket connections at local=127.0.0.1:8080 remote=[::] FD 12 flags=41
2022/05/07 11:10:27 kid1| storeLateRelease: released 0 objects
Dans ce même journal au 21 avril, il n'y qu'une seule ligne :
2022/05/03 01:51:01| Current Directory is /root
et dans le journal access-log de squid :
/var/log/squid/access.log-20220424.gz: Affiché le sam 07 mai 2022 17:48:49 CEST.
Mon Apr 18 19:33:37 2022 55 192.168.64.101 TCP_MISS/200 981 POST http://ocsp.digicert.com/ - ORIGINAL_DST/93.184.220.29 application/ocsp-response
Mon Apr 18 19:33:37 2022 62 192.168.64.101 TCP_MISS/200 981 POST http://ocsp.digicert.com/ - ORIGINAL_DST/93.184.220.29 application/ocsp-response
Mon Apr 18 19:33:37 2022 51 192.168.64.101 TCP_MISS/200 981 POST http://ocsp.digicert.com/ - ORIGINAL_DST/93.184.220.29 application/ocsp-response
Mon Apr 18 19:47:23 2022 43 192.168.64.101 TCP_MISS/200 1046 POST http://r3.o.lencr.org/ - ORIGINAL_DST/92.123.236.217 application/ocsp-response
Mon Apr 18 19:47:41 2022 38 192.168.64.101 TCP_MISS/200 980 POST http://ocsp.digicert.com/ - ORIGINAL_DST/93.184.220.29 application/ocsp-response
Mon Apr 18 20:00:18 2022 38 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 396 GET http://detectportal.firefox.com/success.txt? - ORIGINAL_DST/34.107.221.82 text/plain
Mon Apr 18 20:13:46 2022 87 192.168.64.101 TCP_MISS/200 896 POST http://ocsp.pki.goog/s/gts1d4/KPA-y2O-mFE - ORIGINAL_DST/142.250.203.227 application/ocsp-response
Mon Apr 18 20:13:46 2022 92 192.168.64.101 TCP_MISS/200 896 POST http://ocsp.pki.goog/s/gts1d4/KPA-y2O-mFE - ORIGINAL_DST/142.250.203.227 application/ocsp-response
Mon Apr 18 20:25:30 2022 39 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 477 GET http://detectportal.firefox.com/canonical.html - ORIGINAL_DST/34.107.221.82 text/html
Mon Apr 18 20:25:30 2022 20 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 396 GET http://detectportal.firefox.com/success.txt? - ORIGINAL_DST/34.107.221.82 text/plain
Mon Apr 18 20:25:32 2022 38 192.168.64.101 TCP_MISS/200 981 POST http://ocsp.digicert.com/ - ORIGINAL_DST/93.184.220.29 application/ocsp-response
Mon Apr 18 20:25:35 2022 138 192.168.64.101 TCP_MISS/200 884 POST http://ocsp.pki.goog/gts1c3 - ORIGINAL_DST/142.250.203.227 application/ocsp-response
Mon Apr 18 20:25:35 2022 144 192.168.64.101 TCP_MISS/200 884 POST http://ocsp.pki.goog/gts1c3 - ORIGINAL_DST/142.250.203.227 application/ocsp-response
Mon Apr 18 20:25:35 2022 150 192.168.64.101 TCP_MISS/200 884 POST http://ocsp.pki.goog/gts1c3 - ORIGINAL_DST/142.250.203.227 application/ocsp-response
Mon Apr 18 20:26:28 2022 485 192.168.64.101 TCP_TUNNEL/200 6608 CONNECT incoming-telemetry.thunderbird.net:443 - HIER_DIRECT/34.231.78.0 -
Mon Apr 18 20:26:28 2022 541 192.168.64.101 TCP_TUNNEL/200 6608 CONNECT incoming-telemetry.thunderbird.net:443 - HIER_DIRECT/34.231.78.0 -
Mon Apr 18 20:26:28 2022 562 192.168.64.101 TCP_TUNNEL/200 6608 CONNECT incoming-telemetry.thunderbird.net:443 - HIER_DIRECT/34.231.78.0 -
Mon Apr 18 20:26:28 2022 581 192.168.64.101 TCP_TUNNEL/200 6608 CONNECT incoming-telemetry.thunderbird.net:443 - HIER_DIRECT/34.231.78.0 -
Mon Apr 18 20:26:28 2022 602 192.168.64.101 TCP_TUNNEL/200 6608 CONNECT incoming-telemetry.thunderbird.net:443 - HIER_DIRECT/34.231.78.0 -
Mon Apr 18 20:26:29 2022 21 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 477 GET http://detectportal.firefox.com/canonical.html - ORIGINAL_DST/34.107.221.82 text/html
Mon Apr 18 20:26:29 2022 20 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 396 GET http://detectportal.firefox.com/success.txt? - ORIGINAL_DST/34.107.221.82 text/plain
Mon Apr 18 20:26:39 2022 65212 192.168.64.101 TCP_TUNNEL/200 5759 CONNECT www.signal-spam.fr:443 - HIER_DIRECT/87.98.182.162 -
Mon Apr 18 20:28:23 2022 170638 192.168.64.101 TCP_TUNNEL/200 9922 CONNECT status.framasoft.org:443 - HIER_DIRECT/176.9.199.8 -
Mon Apr 18 20:28:23 2022 170775 192.168.64.101 TCP_TUNNEL/200 6978 CONNECT live.thunderbird.net:443 - HIER_DIRECT/172.67.74.82 -
Mon Apr 18 20:28:23 2022 173228 192.168.64.101 TCP_TUNNEL/200 7505 CONNECT thunderbird-settings.thunderbird.net:443 - HIER_DIRECT/104.26.2.27 -
Mon Apr 18 20:28:24 2022 171522 192.168.64.101 TCP_TUNNEL/200 284919 CONNECT start.thunderbird.net:443 - HIER_DIRECT/104.26.3.27 -
Mon Apr 18 20:30:18 2022 231259 192.168.64.101 TCP_TUNNEL/200 7890 CONNECT incoming-telemetry.thunderbird.net:443 - HIER_DIRECT/34.231.78.0 -
Mon Apr 18 20:31:58 2022 49 192.168.64.101 TCP_MISS/200 1046 POST http://r3.o.lencr.org/ - ORIGINAL_DST/92.123.236.192 application/ocsp-response
Mon Apr 18 20:35:15 2022 170342 192.168.64.101 TCP_TUNNEL/200 58014 CONNECT doc-0g-10-docs.googleusercontent.com:443 - HIER_DIRECT/142.251.37.193 -
Mon Apr 18 20:35:15 2022 170974 192.168.64.101 TCP_TUNNEL/200 6384 CONNECT mailfoogae.appspot.com:443 - HIER_DIRECT/142.251.37.244 -
Mon Apr 18 20:35:15 2022 171031 192.168.64.101 TCP_TUNNEL/200 8892 CONNECT drive.google.com:443 - HIER_DIRECT/142.250.201.46 -
Mon Apr 18 20:35:28 2022 595023 192.168.64.101 TCP_TUNNEL/200 738336 CONNECT vrf01.signal-spam.fr:443 - HIER_DIRECT/147.135.160.185 -
Mon Apr 18 20:46:04 2022 1230351 192.168.64.101 TCP_TUNNEL/200 9691 CONNECT vrf01.signal-spam.fr:443 - HIER_DIRECT/147.135.160.185 -
Mon Apr 18 20:47:54 2022 48 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 395 GET http://detectportal.firefox.com/success.txt? - HIER_DIRECT/34.107.221.82 text/plain
Mon Apr 18 20:47:54 2022 43 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 395 GET http://detectportal.firefox.com/success.txt? - ORIGINAL_DST/34.107.221.82 text/plain
Mon Apr 18 20:49:46 2022 38 192.168.64.101 TCP_MISS/200 981 POST http://ocsp.digicert.com/ - ORIGINAL_DST/93.184.220.29 application/ocsp-response
Mon Apr 18 20:49:46 2022 113 192.168.64.101 TCP_MISS/200 1046 POST http://r3.o.lencr.org/ - ORIGINAL_DST/92.123.236.200 application/ocsp-response
Mon Apr 18 20:49:46 2022 60 192.168.64.101 TCP_MISS/200 1047 POST http://r3.o.lencr.org/ - ORIGINAL_DST/92.123.236.200 application/ocsp-response
Mon Apr 18 20:49:46 2022 65 192.168.64.101 TCP_MISS/200 1047 POST http://r3.o.lencr.org/ - ORIGINAL_DST/92.123.236.200 application/ocsp-response
Mon Apr 18 20:49:46 2022 78 192.168.64.101 TCP_MISS/200 947 POST http://ocsp.digicert.com/ - ORIGINAL_DST/93.184.220.29 application/ocsp-response
Mon Apr 18 20:49:53 2022 178 192.168.64.101 TCP_MISS/200 1047 POST http://r3.o.lencr.org/ - ORIGINAL_DST/92.123.236.200 application/ocsp-response
Mon Apr 18 20:49:54 2022 47 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 477 GET http://detectportal.firefox.com/canonical.html - ORIGINAL_DST/34.107.221.82 text/html
Mon Apr 18 20:49:54 2022 19 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 395 GET http://detectportal.firefox.com/success.txt? - ORIGINAL_DST/34.107.221.82 text/plain
Mon Apr 18 20:50:58 2022 170422 192.168.64.101 TCP_TUNNEL/200 917 CONNECT vrf01.signal-spam.fr:443 - HIER_DIRECT/147.135.160.185 -
Mon Apr 18 20:53:04 2022 58 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 478 GET http://detectportal.firefox.com/canonical.html - ORIGINAL_DST/34.107.221.82 text/html
Mon Apr 18 20:53:04 2022 21 192.168.64.101 TCP_CLIENT_REFRESH_MISS/200 395 GET http://detectportal.firefox.com/success.txt? - ORIGINAL_DST/34.107.221.82 text/plain