On 05/12/16 00:29, Alex Rousskov wrote:
On 12/04/2016 03:05 PM, Alfredo Rezinovsky wrote:
Let say a client asks for a URL using a range: 0-256000.
I want squid to ask just for 10.000 bytes and answer as if the request
was server side aborted.
I can change the request Range: "bytes=0-2
A small quantity of big regexes performs well. The CPU load is the same as
if there's no regex at all.
The thing I don't understand is why this specific regex matches every uri I
throw at it in squid, but not in linux grep, or regex101.com.
The generation of the big regexes takes seconds and is
Not my question. I'm asking about performance
2016-04-27 9:09 GMT-03:00 Yuri Voinov <yvoi...@gmail.com>:
> https://regex101.com is your best friend.
>
> 27.04.16 17:32, Alfredo Rezinovsky пишет:
>
> I saw in debug log that when an ACL has many regexes each one is co
I saw in debug log that when an ACL has many regexes each one is compared
sequentially.
If I have
www.facebook.com
facebook.com
www.google.com
google.com
If will be faster to check just ONE optimized regex like
(www\.)?(facebook|google).com than the previous three?
I'm really talking about
I'm using squid with a custom icap service. (Which code I plan to free)
http_port 3129 tproxy disable-pmtu-discovery=always
collapsed_forwarding on
dns_v4_first on
max_filedescriptors 8192
connect_retries 10
retry_on_error on
client_request_buffer_max_size 10250 KB
request_header_max_size 10240
2015-09-05 10:32 GMT-03:00 Antony Stone <antony.st...@squid.open.source.it>:
> On Saturday 05 September 2015 at 15:29:28, Alfredo Rezinovsky wrote:
>
> > I'm trying to adapt response for all text/html responses.
> >
> > icap_service service_respmod respmod_prec
I'm trying to adapt response for all text/html responses.
icap_service service_respmod respmod_precache icap://127.0.0.1:1344/response
acl html rep_header -i Content-Type text\/html
adaptation_access service_respmod allow html
And it doesn't works.
The strange thing is that it does works with:
I'm using a custom compiled version
Squid Cache: Version 3.5.1-20150206-r13746
Service Name: squid
configure options: '--disable-auth' '--disable-auto-locale'
'--disable-cache-digests' '--disable-cpu-profiling'
'--disable-debug-cbdata' '--disable-delay-pools' '--disable-devpoll'
'--disable-ecap'
The workers are to use most of the CPU cores (and not only 1, which is not
enough)
The hard drivers are to increase IO.
2015-02-09 18:28 GMT-03:00 Amos Jeffries squ...@treenet.co.nz:
On 10/02/2015 5:11 a.m., Alfredo Rezinovsky wrote:
I have one of these lines for each cache disc (sdb, sdc
rebuild and exit. So I'm sure the stores
are clean after starting the real squid and enabling transparent proxy
iptables rules?
El Mon Feb 09 2015 at 1:36:01, Eliezer Croitoru elie...@ngtech.co.il
escribió:
On 08/02/2015 01:32, Alfredo Rezinovsky wrote:
Specially in servers with 6 workers and 6
Thanks. That will do it.
El dom, feb 8, 2015 08:33, Amos Jeffries squ...@treenet.co.nz escribió:
On 8/02/2015 12:32 p.m., Alfredo Rezinovsky wrote:
I'm getting some kid registration timed out messages sometimes
Squid 3.5.1
Specially in servers with 6 workers and 6 cache discs (Each
El 19/12/14 a las 12:53, Amos Jeffries escibió:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/12/2014 4:21 a.m., Alfredo Rezinovsky wrote:
I have a few TPROXY implementations with squid. In only one of
them recently I'm getting lots of: x-squid-error: ERR_CONNECT_FAIL
110 and some 504
I have a few TPROXY implementations with squid. In only one of them
recently I'm getting lots of: x-squid-error: ERR_CONNECT_FAIL 110 and
some 504 timeouts.
Squid Cache: Version 3.4.10-20141218-r13197
configure options: '--prefix=/opt/sepia/squid'
'--sysconfdir=/var/lib/sepia/'
squid exits with illegal instruction message
Squid Cache: Version 3.4.6-20140826-r13168
configure options: '--disable-auth' '--disable-auto-locale'
'--disable-cache-digests' '--disable-cpu-profiling'
'--disable-debug-cbdata' '--disable-delay-pools' '--disable-devpoll'
'--disable-ecap'
There's no log output, it just exists. No coredump either. strace output
is useful ?
Please provide more details, like log output, or a coredump backtrace.
Thanks
2014-08-27 11:44 GMT-03:00 Alfredo Rezinovsky alfr...@fing.uncu.edu.ar:
squid exits with illegal instruction message
Squid
El 15/03/14 22:21, Amos Jeffries escribió:
On 15/03/2014 12:26 a.m., Alfredo Rezinovsky wrote:
Using: squid -k rotate squid rotates logs but also closes and reopen
caches_dirs and url_rewrite_programs
There's a way to signal only the (logfile-daemon) processes to rotate
the logs and only
El 17/03/14 15:08, Alfredo Rezinovsky escribió:
segfault at 0 ip 005929d3 sp 7fff7756b068 error 4 in
squid[40+318000]
When this happens It segfaults again after restarting unless I remove
and rebuild the cache_dirs
The proxy then works perfectly for a day or a whole month
segfault at 0 ip 005929d3 sp 7fff7756b068 error 4 in
squid[40+318000]
When this happens It segfaults again after restarting unless I remove
and rebuild the cache_dirs
The proxy then works perfectly for a day or a whole month after crashing
again.
Squid Cache: Version
El 15/03/14 22:21, Amos Jeffries escribió:
On 15/03/2014 12:26 a.m., Alfredo Rezinovsky wrote:
Using: squid -k rotate squid rotates logs but also closes and reopen
caches_dirs and url_rewrite_programs
There's a way to signal only the (logfile-daemon) processes to rotate
the logs and only
Using: squid -k rotate squid rotates logs but also closes and reopen
caches_dirs and url_rewrite_programs
There's a way to signal only the (logfile-daemon) processes to rotate
the logs and only the logs ?
--
Alfrenovsky
Squid Cache: Version 3.4.1-20131209-r13055
configure options: '--prefix=/opt/sepia/squid'
'--sysconfdir=/opt/sepia/etc' '--disable-auth' '--disable-auto-locale'
'--disable-cache-digests' '--disable-cpu-profiling'
'--disable-debug-cbdata' '--disable-delay-pools' '--disable-devpoll'
El 09/01/14 09:43, Alfredo Rezinovsky escribió:
Squid Cache: Version 3.4.1-20131209-r13055
configure options: '--prefix=/opt/sepia/squid'
'--sysconfdir=/opt/sepia/etc' '--disable-auth' '--disable-auto-locale'
'--disable-cache-digests' '--disable-cpu-profiling'
'--disable-debug-cbdata
What squid does in a TPROXY configuration when a client tries to use a
non-http protocol in port 80?
ToR for example tries port 80. There's a way to squid to seamlessly pass
through the connection when there's not and http conversation?
--
Alfrenovsky
With squidclient mgr:info I get a Number of clients accessing cache:
This number is always bigger than the different IP addresses in my
access log.
I know I can have
Squid is using the user agent, the X-Forwarded-For or something else to
distinguish one client with another?
--
Alfrenovsky
El 20/10/13 15:24, Antony Stone escribió:
On Sunday 20 October 2013 at 19:09, Alfredo Rezinovsky wrote:
El 20/10/13 13:03, Antony Stone escribió:
There's nothing you can do to stop a packet arriving at your router - you
can only decide what to do with it afterwards.
The package arrives to my
El 21/10/13 07:03, Eliezer Croitoru escribió:
On 10/21/2013 11:37 AM, adamso wrote:
Thanks for the replies,
I am using pfsense like router for the dual wan, the squid box have
only one
interface, it is in the DMZ in transparent mode.
Is it for load balancing or FailOver?
pfsense supports
I need to limit the INBOUND bandwith to squid
Using delay pools I can limit the traffic to the clients. I need to
limit the traffic from the internet, leaving at wire speed the traffic
to the clients.
Is that possible?
--
Alfrenovsky
El 20/10/13 13:03, Antony Stone escribió:
On Sunday 20 October 2013 at 16:50, Alfredo Rezinovsky wrote:
I need to limit the INBOUND bandwith to squid
Why?
I need the http traffic to be between limit.
Using delay pools I can limit the traffic to the clients. I need to
limit the traffic from
I'm trying
acl dotted_ip url_regex -i
^http:\/\/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\/
to match any ip address hostname.
I don't need to be strict, http://999.777.555.333 could match and I dont
care.
The problem is that my url_regex doesn't match ANY ip address.
El 14/10/13 12:07, Alfredo Rezinovsky escribió:
I'm trying
acl dotted_ip url_regex -i
^http:\/\/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\/
to match any ip address hostname.
I don't need to be strict, http://999.777.555.333 could match and I
dont care.
The problem is that my
El 10/10/13 05:07, Ding Guigeng escribió:
Mohsen Dehghani wrote
Hi team
I am planning to install multiple instances of squid on a machine as a
frontend. Tproxy is now working fine on a single instance machine.
No I want to run multiple instances and use this help to load balance
between them:
El 08/10/13 11:18, Niki Gorchilov escribió:
Hi there.
Started playing with Squid 3.4.0.2 store_id feature (thanks Eliezer for
the implementation) and discovered an unresolvable issue, due to the
caching of 302 results (I know it's happening when only Expires header
is present, but anyway).
I have a squid in tproxy mode running in a bridge.
Let name LAN side the one connected to the clients and WAN side the one
connected to the gateway.
I'm using Ubuntu server LTS with a 3.5.0 kernel
The LAN network has various sub-networks, handled with many different
IPs in the gateway.
When
I have a heavy loaded squid and I noticed high latency.
using workers it seems a little faster
I dont have 100% CPU load and iowait is also low. But clients browse
faster when I disable the tproxy and let them pass bridged.
Running squid with a lower nice value should improbe the latency?
El 22/09/13 09:58, shawn wilson escribió:
I'm trying to setup a transparent proxy on my local machine. This
works when I give Firefox proxy info, but this fails when I get
iptables to redirect with (the rule I keep turning on/off):
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT
El 16/09/13 18:35, John McGowan escribió:
Hi,
First, a brief background: I'm using squid as a non caching proxy
server within Amazon AWS to serve as a common place for my web
applications to make API requests to third parties. This is because
many of the 3rd parties I connect to have private
El 12/09/13 12:11, Marcos A. Dzieva escribió:
Dear, I have tried to use workers with rock and aufs, but I could not
make it work.
workers 4
cache_dir rock /var/cache2/squid/rock 5 min-size=1 max-size=31000
max-swap-rate=250 swap-timeout=350
if ${process_number} = 1
cache_dir aufs
El 11/09/13 11:52, Ian Coetzee escribió:
Hi guys,
I have a dynamic acl file with source ip that I am trying to deny.
What is the best way to implement this?
Regards
Ian
Try external_acl_type
http://www.squid-cache.org/Doc/config/external_acl_type/
There are some docs about how does LFUDA works?
--
Alfrenovsky
Les suppose I need to find a file logged as 00 1234 in store log.
I have a cache dir with 16 256 structure so the structure is
$(dirs from 00 to 0F)/$(dirs from 00 to FF)/$(file)
The first 00 means the first cache listed in squid.conf
I have a file 00/12/1234.
the 12 is from the 5 and
El 06/09/13 12:53, Norbert Naveen escribió:
Hello all ,
How can we get Source Ip address and dynamically call a script
within Squid acting as a Proxy for HTTP
Rgds
I don't understand the question.
Please use an example.
In the page reccomends reiserfs. So I tried to set up a squid for
200Mbps squid using reiser and squid 3.3
I had a problem, every five to ten minutes, the system freezes and the
bandwith drops to a half for about 10 seconds.
I tried tuning squid in many ways. And I noticed reiser flushes the
El 04/09/13 17:22, Thomas Harold escribió:
On 8/26/2013 6:41 AM, Nishant Sharma wrote:
Hi Thomas,
Thomas Harold thomas-li...@nybeta.com wrote:
In an instance where you have a single instance of squid running on
a two WAN links as WAN
#2
is very slow compared to WAN #1.
Is this simply
I have a squid with tproxy and url-rewrite
Some url-rewtites goes to localhost
OK rewrite-url=http://127.0.0.1/;
The problem is that squid does the request using the original client IP
(as tproxy has to) and localhost can't answer.
there's a way to force a tcp_outgoing address (or
El 31/08/13 05:13, Mohsen Dehghani escribió:
Hi team
I am planning to install multiple instances of squid on a machine as a
frontend. Tproxy is now working fine on a single instance machine.
No I want to run multiple instances and use this help to load balance
between them:
I need to log only TCP_MISS in a custom log for further processing
There's an acl for that ?
--
Alfrenovsky
El 28/08/13 02:23, Amos Jeffries escribió:
On 28/08/2013 2:19 p.m., Alfredo Rezinovsky wrote:
El 27/08/13 22:43, Alfredo Rezinovsky escribió:
I have a high load servers and need to use workers or else one CPU
core climbs to 100% usage and I see a slow down in the network.
There's a way
I need to know if an URL is cached or not.
could I use squidclient for that?
If the object is cached I'll need to get it, if its a miss I just want
to know it without getting it.
--
Alfrenovsky
El 28/08/13 11:32, Alex Rousskov escribió:
On 08/28/2013 08:00 AM, Alfredo Rezinovsky wrote:
I need to know if an URL is cached or not.
could I use squidclient for that?
If the object is cached I'll need to get it, if its a miss I just want
to know it without getting it.
Try sending
El 28/08/13 11:32, Alex Rousskov escribió:
On 08/28/2013 08:00 AM, Alfredo Rezinovsky wrote:
I need to know if an URL is cached or not.
could I use squidclient for that?
If the object is cached I'll need to get it, if its a miss I just want
to know it without getting it.
Try sending
I have a high load servers and need to use workers or else one CPU core
climbs to 100% usage and I see a slow down in the network.
There's a way to choose a worker for a single specific request?
I have a script and I need to make a request knowing wich worker will
answer it.
I've seen both
El 27/08/13 22:43, Alfredo Rezinovsky escribió:
I have a high load servers and need to use workers or else one CPU
core climbs to 100% usage and I see a slow down in the network.
There's a way to choose a worker for a single specific request?
I have a script and I need to make a request
I need to save some full responses.
squid usually receives a requests, process it and answers. Sometimes
answers are cached so I can get the content from the cache.
Sometimes the content is not cachable or the cache needs to be denied.
I need to fork the send to the client and have this
El 21/08/13 05:15, Amos Jeffries escribió:
On 20/08/2013 11:43 p.m., Alfredo Rezinovsky wrote:
I have a url_rewrite_program and I want it to know if the request
includes a range, and the value of the range.
What for please? and in what Squid version?
Amos
Version 3.HEAD.
1. I want my
El 20/08/13 21:21, junio escribió:
I'm okay to block facebook in the company I work for, I can not redirect port
443 successfully.
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/how-do-I-block-facebook-tp4661678.html
Sent from the Squid - Users mailing
I have a url_rewrite_program and I want it to know if the request
includes a range, and the value of the range.
I can get the original URL request in the url_rewrite_program but no
headers are passed by.
--
Alfrenovsky
With tproxy squid uses the original source IP address as source IP for
the request
There's a way to force the use of the original server destination IP
instead of using a DNS query?
--
Alfrenovsky
El 16/08/13 15:45, inittab escribió:
Hello,
I wanted to get some suggestions on my current setup and ask if i'm
expecting too much out of my hardware for the traffic load.
it appears i am running into out of memory problems and hitting swap,
squid processes then end up dying out.
[root@squid01
When I send a mail to squid-users I don't see mi own mails, only the
answers.
There's a way to have my own mails with the [squid-users] subject prefix?
--
Alfrenovsky
El 07/08/13 16:02, Roman Gelfand escribió:
Is there a way I could control access to various sites based on user
irregardless of workstation they are on? All in transparent proxy.
Thanks in advance
I did this a long time ago.
I had a terminal server, so all the users came from the same IP.
I
I need a squid in tproxy mode to work in stealth mode
I tried
deny_info TCP_RESET all
but when squid timeouts or the destination server rejects the connection
squid returns an error.
I want squid to just reset the connection with no messages.
--
Alfrenovsky
El 02/08/13 18:03, Amos Jeffries escribió:
On 3/08/2013 3:37 a.m., Alfredo Rezinovsky wrote:
I'm using store_id_program and I want my program to ouput a Key/Value
pair so the value goes in the logs
I tried with log and tag keys and using %[et and %[ea in
LogFormat but it didn't worked
El 04/08/13 15:52, Eliezer Croitoru escribió:
On 08/04/2013 09:46 PM, Alfredo Rezinovsky wrote:
El 02/08/13 18:03, Amos Jeffries escribió:
On 3/08/2013 3:37 a.m., Alfredo Rezinovsky wrote:
I'm using store_id_program and I want my program to ouput a Key/Value
pair so the value goes in the logs
I'm using store_id_program and I want my program to ouput a Key/Value
pair so the value goes in the logs
I tried with log and tag keys and using %[et and %[ea in
LogFormat but it didn't worked.
There's a generic Key/Value handling or each helper needs a special
support ?
--
Alfrenovsky
I'm using store_id_program and I want my program to ouput a Key/Value
pair so the value goes in the logs
I tried with log and tag keys and using %[et and %[ea in
LogFormat but it didn't worked.
There's a generic Key/Value handling or each helper needs a special
support ?
--
Alfrenovsky
65 matches
Mail list logo