Lightweight proxy for Raspberry Pi


100% Tier-1 Gogent
Tinkering with my Raspberry Pi.   

One of the first projects is to centralize my network outbound traffic in one spot.   

Main piece there is a proxy.

I tried Squid and Privoxy.

Squid hits 40-60% of CPU at around 1600KB/s

Privoxy hits 30-40% of CPU at around the same throughput.

Config for Squid is simple and no caching or anything.  Straight in and out.

Privoxy is running the default config.

Anyone have tuning tips to reduce CPU load here and perhaps better lightweight proxy alternatives?  Goal is to also provide caching in the proxy.   Lots of redundant traffic (updates and similar).  I can't fathom the load as-is if I graft caching in with slow SD card.
Last edited by a moderator:
Most of it is probably syscall overhead from read(), and write(), to socket calls.

You should attach strace to the process with the '-c' arguement and let it run for a few minutes, then see what it's spending time doing the most (if it's sycall load) and then optimize from there.


100% Tier-1 Gogent
PHPProxy won't work since this isn't web browsing one off pages, but basically anything that can be stuffed into a SOCK5 proxy or equivalent.  Includes desktop software.

@Monkburger,  I've never messed with strace, interesting new thing for me.  Here's what I am getting from a minute or two from Squid's process:

strace -c -p 22408 -v

Process 22408 attached - interrupt to quit
Process 22408 detached
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
66.68 0.067267 25 2652 epoll_wait
22.81 0.023010 8 2710 12 write
4.98 0.005027 2 2145 713 read
1.97 0.001991 0 4272 epoll_ctl
1.78 0.001793 0 5306 gettimeofday
0.84 0.000843 5 169 close
0.65 0.000659 15 43 sendto
0.11 0.000116 1 86 43 recvfrom
0.10 0.000105 2 64 19 accept
0.08 0.000076 0 484 fcntl64
0.00 0.000000 0 9 open
66% epoll_wait

22.81% write

4.98% read

Where does one go to optimize based on these?  I am off to find info on strace and any write ups on optimization.
Try building squid without epoll to see if that helps, it should fallback to using select().. 

I think there is a command line option to switch this on the fly, but I can't remember.