Last Updated: 22/01/2015 > Minor Updates including mismatch value in marked packets
ZPH in Action 🙂
ZPH is a squid patch that enables SQUID to mark cached packets , so that it can later used by the Mikrotik or squid itself to bypass cached contents from Speed Package.
Z.P.H directives config which works with SQUID 2.7 doesn’t work with new version of SQUID i.e 3.x
Use the following directives in /etc/squid3/squid.conf
# ZPH for Squid3 / zaib qos_flows local-hit=0x30
then reload squid config by
squid -k rec
Now at Mikrotik, use following rules …
Queue Rule For Mikrotik 5.x
/ip firewall mangle add action=mark-packet chain=prerouting comment="MARK_CACHE_HIT_FROM_PROXY_ZAIB" disabled=no dscp=12 new-packet-mark=zph-hit passthrough=no /queue tree add burst-limit=0 burst-threshold=0 burst-time=0s comment="Queue for SQUID CACHE HIT for ZPH / zaib" disabled=no limit-at=0 max-limit=0 name=Proxy packet-mark=zph-hit parent=global-out priority=1 queue=default
Queue Rule For Mikrotik 6.x
/ip firewall mangle add action=mark-packet chain=prerouting comment="MARK_CACHE_HIT_FROM_PROXY_ZAIB" disabled=no dscp=12 new-packet-mark=zph-hit passthrough=no /queue simple add max-limit=100M/100M name="ZPH-Proxy Cache Hit Simple Queue / Syed Jahanzaib >aacable@hotmail.com" packet-marks=zph-hit priority=1/1 target="" total-priority=1
.
If you have hotspot, then dynamic queue always get on top, so you ahve to apply this line in hotspot user profile, so that every time hotspot user login, zph queue should move on top.
☺
Regard’s
SYED JAHANZAIB
getting error on squid version 3.1.10
cache_cf.cc(364) parseOneConfigFile: squid.conf:387 unrecognized: ‘qos_flows’
:S
LikeLike
Comment by Hammad — August 16, 2013 @ 6:52 PM
what squid version you are using ? its intended for squid 3.1.x
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — August 19, 2013 @ 9:04 AM
its 3.1.10 using centos 6, 64bit
LikeLike
Comment by Hammad — August 19, 2013 @ 12:07 PM
any suggestion?? still getting below error :S
cache_cf.cc(364) parseOneConfigFile: squid.conf:387 unrecognized: ‘qos_flows’
LikeLike
Comment by Hammad — August 26, 2013 @ 12:02 PM
what’s the output of following command? Post complete output.
squid -v
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — August 26, 2013 @ 12:04 PM
Squid Cache: Version 3.1.10
configure options: ‘–build=x86_64-redhat-linux-gnu’ ‘–host=x86_64-redhat-linux-gnu’ ‘–target=x86_64-redhat-linux-gnu’ ‘–program-prefix=’ ‘–prefix=/usr’ ‘–e
xec-prefix=/usr’ ‘–bindir=/usr/bin’ ‘–sbindir=/usr/sbin’ ‘–sysconfdir=/etc’ ‘–datadir=/usr/share’ ‘–includedir=/usr/include’ ‘–libdir=/usr/lib64’ ‘–libexec
dir=/usr/libexec’ ‘–sharedstatedir=/var/lib’ ‘–mandir=/usr/share/man’ ‘–infodir=/usr/share/info’ ‘–enable-internal-dns’ ‘–disable-strict-error-checking’ ‘–e
xec_prefix=/usr’ ‘–libexecdir=/usr/lib64/squid’ ‘–localstatedir=/var’ ‘–datadir=/usr/share/squid’ ‘–sysconfdir=/etc/squid’ ‘–with-logdir=$(localstatedir)/log
/squid’ ‘–with-pidfile=$(localstatedir)/run/squid.pid’ ‘–disable-dependency-tracking’ ‘–enable-arp-acl’ ‘–enable-follow-x-forwarded-for’ ‘–enable-auth=basic,
digest,ntlm,negotiate’ ‘–enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL,DB,POP3,squid_radius_auth’ ‘–enable-ntlm-auth-helpe
rs=smb_lm,no_check,fakeauth’ ‘–enable-digest-auth-helpers=password,ldap,eDirectory’ ‘–enable-negotiate-auth-helpers=squid_kerb_auth’ ‘–enable-external-acl-help
ers=ip_user,ldap_group,session,unix_group,wbinfo_group’ ‘–enable-cache-digests’ ‘–enable-cachemgr-hostname=localhost’ ‘–enable-delay-pools’ ‘–enable-epoll’ ‘-
-enable-icap-client’ ‘–enable-ident-lookups’ ‘–enable-linux-netfilter’ ‘–enable-referer-log’ ‘–enable-removal-policies=heap,lru’ ‘–enable-snmp’ ‘–enable-ssl
‘ ‘–enable-storeio=aufs,diskd,ufs’ ‘–enable-useragent-log’ ‘–enable-wccpv2’ ‘–enable-esi’ ‘–with-aio’ ‘–with-default-user=squid’ ‘–with-filedescriptors=163
84’ ‘–with-dl’ ‘–with-openssl’ ‘–with-pthreads’ ‘build_alias=x86_64-redhat-linux-gnu’ ‘host_alias=x86_64-redhat-linux-gnu’ ‘target_alias=x86_64-redhat-linux-gn
u’ ‘CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector –param=ssp-buffer-size=4 -m64 -mtune=generic -fpie’ ‘LDFLAGS=-pie’ ‘CXXFLAGS
=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector –param=ssp-buffer-size=4 -m64 -mtune=generic -fpie’ –with-squid=/builddir/build/BUILD
/squid-3.1.10
LikeLike
Comment by Hammad — August 26, 2013 @ 12:09 PM
How i get the cache video plugin for testing?
LikeLike
Comment by saikat mallik — August 30, 2013 @ 3:08 PM
contact there support personnel.
cachevideos.com
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — September 1, 2013 @ 8:36 AM
what’s the output of following command? Post complete output.
squid -v
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — August 26, 2013 @ 12:06 PM
check above complete output.
LikeLike
Comment by Hammad — August 26, 2013 @ 12:12 PM
Dear hammad,
You are using SQUID 3.1.10 which do not have ZPH,
Either install squid from soruce code and add –enable-zph-qos in it, or if you are new in linux
then simply install Ubuntu 12.4 , Its squid package is by default 3.1.19 which supports ZPH using
apt-get install squid
You can add me in SKYPE
aacable79
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — August 26, 2013 @ 12:13 PM
Asalam-o-alecum , jahanzaib bhai I was using centos open squid.conf with gedit now I m using Ubuntu but in Ubuntu squid file not open on GUI with any editor show access deny squid.conf how to open squid.conf in Ubuntu on GUI with any editor ?
LikeLike
Comment by khurram — August 24, 2013 @ 12:35 PM
better to work with CLI editors, they are more powerful and quick to work with.
you can use NANO for example.
If you are using Ubuntu DESKTOP edition, try to login with root access, this way you will not get any permission issues.
If you are using Ubuntu Server edition, there is no GUI by default, but you can install it if you required.
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — August 26, 2013 @ 9:21 AM
Thanks I have done .
LikeLike
Comment by khurram — August 26, 2013 @ 10:54 AM
i can’t get it to work on Local network, as soon as i connect ubuntu with mikrotik i lose internet in ubuntu pc server and in network. please anny help what am i doing wrong
LikeLike
Comment by adi — November 14, 2013 @ 5:44 AM
using Ubuntu DESKTOP
LikeLike
Comment by adi — November 14, 2013 @ 5:46 AM
how to patch zph on squid3..
LikeLike
Comment by Millan — January 6, 2015 @ 1:25 AM
Hi
I confused with mangle part (for mikrotik v6.x), why the new-packet-mark=proxy and queue simple packet-mark=zph-hit. If I look for v5.x, both are =proxy
LikeLike
Comment by rioven — January 22, 2015 @ 1:26 PM
Your confusion was right. There was a typo mistake dueto fact that I copy pasted rules from my two ROS including 5.x and 6.x, and that made some mismatching. Its now updated with UPDATED CHANGE LOG.
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — January 22, 2015 @ 1:38 PM
How to apply this in pfsense with lusca?
LikeLike
Comment by ra — February 9, 2015 @ 7:43 PM