On Thu, 2014-03-27 at 10:26 +, Ed W wrote:
Yes, I'm still really interested to implement this. I got as far as
doing some investigation a few weeks back.
Thanks for looking into it. I'd like to sort it myself, but don't have
the time at the moment. In the meantime, I'll aim to submit a
On Sat, 2014-03-15 at 21:13 +0530, Amm wrote:
Ok I read further on that link itself, somewhere it says:
disable-preserve-miss
This option disables the preservation of the TOS or netfilter
mark. By default, the existing TOS or netfilter mark value of
the response coming
On Thu, 2013-12-26 at 15:59 +0800, Ge Jin wrote:
Hi all!
We want to use tcp_outgoing_tos with freeBSD 10.0-BETA2.
[...]
So, it's the tcp_outgoing_tos still has bug in freeBSD or I have some
mistake there ?
Have you tried increasing the logging level? Set it to at least level 3
and see
On Thu, 2013-08-08 at 22:53 -0300, Roberto Carna wrote:
In some cases depending on the Windows platform and web browser type
and version (Firefox, IE, etc.), the splash page works OK but in other
cases doesn't at al.
Is there any way to implement an univeralñ splash page that work for
all
On Sat, 2013-08-10 at 12:24 +0100, Andrew Beverley wrote:
- I configured Squid as per [1]
[1]
http://www.andybev.com/index.php/Setting_up_a_captive_portal_from_scratch_using_Debian#Configure_Squid
There is also some extra stuff in there to only show the splash page on
a certain day (using
On Sun, 2013-05-19 at 15:52 +0200, folkert wrote:
Hi,
8 years ago I implemented a program which can be integrated in Squid so
that users are initially redirect to a page where they have to tick an
I agree check-box and only then they can continue.
Is this functionally integrated in the
On Thu, 2013-03-28 at 22:52 +, Ed W wrote:
[...]
Users have a choice of gateways to use the internet via (each will have
a cost). Their choice of gateway is marked on packets from their
machine, we then route through the appropriate gateway based on the
connection mark (hence why I need
On Wed, 2013-03-27 at 00:13 +, Ed W wrote:
Hi Andy, Sorry to bug you, but I finally got round to trying the
qos_flows feature and I think my understanding is completely back to front?
What I need is to copy the packet/connection mark from the client
request, and apply it to the
On Sun, 2013-03-03 at 14:38 +, Jorge Bastos wrote:
Howdy,
When trying to compile latest 3.3.0.2 I have he below information, also
tried other versions like 3.2.8 and some problem.
Is this a library that need to be updated?
I suspect that you are using an out of date and/or wrong
On Fri, 2013-03-01 at 18:38 +0700, Azma Yogi wrote:
Hi.. the new squid 3.3 has a new feature called tcp_outgoing_mark. i
tried this feature but not works. cache.log said this ERROR:
'tcp_outgoing_mark' requires Packet MARK (Linux). anybody could help me
explain what this
error means?
On Fri, 2013-01-04 at 10:05 +0200, John Hay wrote:
On Fri, Jan 04, 2013 at 07:36:35AM +, Andrew Beverley wrote:
On Fri, 2013-01-04 at 06:31 +0200, John Hay wrote:
Looking at a linux man page:
http://linux.die.net/man/2/setsockopt
I see the same kind of text:
Most
On Thu, 2013-01-03 at 08:13 +0200, John Hay wrote:
Again, no official documentation found, but I found other bug reports in
software packages for a variety of BSD operating systems, so I think it
should apply to any BSD derivative (including OSX).
Doing a google of setsockopt freebsd and
On Fri, 2013-01-04 at 06:31 +0200, John Hay wrote:
Looking at a linux man page:
http://linux.die.net/man/2/setsockopt
I see the same kind of text:
Most socket-level options utilize an int argument for optval. For
setsockopt(), the argument should be nonzero to enable a boolean option,
On Wed, 2013-01-02 at 13:15 +1300, Amos Jeffries wrote:
On 2/01/2013 4:24 a.m., Andrew Beverley wrote:
On Tue, 2013-01-01 at 15:15 +, Andrew Beverley wrote:
Therefore, could you please try the following (untested) patch?
Ah, Amos, I've just re-read the bug report and seen that you have
On Mon, 2012-12-31 at 11:27 -0800, Nick Rogers wrote:
On Fri, Dec 28, 2012 at 6:59 PM, Amos Jeffries squ...@treenet.co.nz wrote:
On 29/12/2012 3:49 p.m., Andrew Beverley wrote:
On Fri, 2012-12-28 at 18:13 -0800, Nick Rogers wrote:
I was able to come up with a patch that works in my
On Tue, 2013-01-01 at 15:15 +, Andrew Beverley wrote:
Therefore, could you please try the following (untested) patch?
Ah, Amos, I've just re-read the bug report and seen that you have closed
it with a FreeBSD workaround. I couldn't see your commit, but from what
I have read it looks like
On Fri, 2012-12-28 at 18:13 -0800, Nick Rogers wrote:
I was able to come up with a patch that works in my environment by
looking at some of the changes between 3.1 and 3.2. It seems that
sizeof(tos_t) does not result in a valid setsockopt() argument,
whereas sizeof(int) that was used in 3.1.x
On Tue, 2012-11-13 at 14:46 +0200, Pavel Bychykhin wrote:
I tried in VirtualBox without the jail. Nothing changed.
My system is FreeBSD 8.2. Maybe on Linux all is OK.
Maybe, but it would be strange if it became broken in 3.2, as although
the QOS code changed a lot, the actual code to set the
On Sat, 2012-11-10 at 19:37 +0200, Pavel Bychykhin wrote:
I tried 0x10, 0x14, 0x3C, 0x80, 0x84. Result is the same for Squid 3.2 - not
working.
I'll test it myself when I get a moment (on Linux), but it might not be
until next week.
For Squid 3.1 all values works fine.
There were a lot of
On Sat, 2012-11-10 at 15:30 +0200, Pavel Bychykhin wrote:
Fragment from log of Squid 3.2:
2012/11/10 14:31:08.157 kid1| fwdConnectStart: got outgoing addr 0.0.0.0, tos
12
2012/11/10 14:31:08.157 kid1| The AsyncCall fwdConnectDoneWrapper
constructed, this=0x28fbb340 [call982]
2012/11/10
On Fri, 2012-11-09 at 14:18 +0200, Pavel Bychykhin wrote:
Hi All!
Recently i tried to upgrade my Squid 3.1.21 to 3.2.3.
Everything works fine, but tcp_outgoing_tos no longer affects outgoing
packets.
Here fragment from my config:
acl rfc1579 dst 192.168.0.0/16
acl rfc1579 dst
On Thu, 2012-08-30 at 00:14 -0700, Mustafa Raji wrote:
hi i have a problem with zph configuration in squid 3.1.11 in the squid
wiki i find the zph configuration directive is qos_flows and i want to
mark the local-hit packet to root this packets locally
the configuration in squid.conf file is
On Thu, 2012-08-30 at 05:01 -0700, Mustafa Raji wrote:
i will try to use the 3.2, kindly would you tell me the linux os you
used (most used linux distribution with 3.2)
[ Please don't top-post ]
I use Debian and compile v3.2 myself. I am not aware of any Linux
distribution shipping v3.2.
On Mon, 2012-07-09 at 18:22 +0530, Ben wrote:
We are running squid since long time and it is working fine.Now days, we
migrated squid for RHEL 6 to use qos_flow DSCP marking parameter.
For testing purpose at lab, we deploy two squid box, one with rhel rpm (
Version 3.1.19 ) and on second
On Tue, 2012-06-26 at 17:30 +1200, Amos Jeffries wrote:
Has anyone any idea how to actually Implement that in a system ?
Search for information on Captive Portal.
You might like to check out my tutorial on how to do it with iptables.
There are various out of the box software packages
On Wed, 2012-04-25 at 00:11 -0400, Brian R. Landy wrote:
Well, I was not using the correct field.
But it's still not working?
I had also tried using something simple, like clientside_tos 0xb8 all
(which under 3.0 definitely tagged all traffic) and it did nothing under
3.2.0.17.
I assume
Hi, I’m very sorry it took so long for me to test this and reply;
unfortunately, under 3.2.0.16 and 3.2.0.17 I still don’t see
clientside_tos ever marking packets. My clientside_tos configuration
has been working perfectly with 3.0.STABLE26 for the last month.
Can you post the
On Sun, 2012-04-22 at 21:30 -0400, Brian Landy wrote:
Hi, I applied the patch but it doesn’t seem to be working.
Depending on your requirement, you could always try the 3.2 branch. A
lot of the TOS code was rewritten in that version as part of the
implementation of the netfilter mark
On Mon, 2012-04-16 at 16:24 +0100, Marilo wrote:
I know one can set up an HTTP Proxy that requests authorization, and
the browser prompts for a username and password. Only when it's right,
can they then use the proxy, access the internet.
If you want to prevent/allow people access to all
On Mon, 2012-04-02 at 14:28 -0400, Osmany Goderich wrote:
Please have a look at this bash/mysql external helper. Can anyone tell me
why is it not working?
...
is there anyway I can test this directly on the server's shell
Yes, just run it on the shell as you would any other script, and input
[ Some stuff about TOS packet tagging ]
Hi, I applied the patch but it doesn’t seem to be working.
Depending on your requirement, you could always try the 3.2 branch. A
lot of the TOS code was rewritten in that version as part of the
implementation of the netfilter mark feature.
Andy
On Sun, 2012-02-26 at 15:49 +0400, Vyacheslav Maliev wrote:
2012/2/24 Amos Jeffries squ...@treenet.co.nz:
On 24/02/2012 11:26 a.m., Andrew Beverley wrote:
On Fri, 2012-02-24 at 02:06 +0400, Vyacheslav Maliev wrote:
Hi!
I configured my splash like described here:
http://wiki.squid
I configured my splash like described here:
http://wiki.squid-cache.org/ConfigExamples/Portal/Splash. I have
chosen second example (Active Mode) and adopted it to my squid 3.0
version (there is squid_session helper instead ext_session_acl). So
when i go to matched URL session is
On Fri, 2012-02-24 at 02:06 +0400, Vyacheslav Maliev wrote:
Hi!
I configured my splash like described here:
http://wiki.squid-cache.org/ConfigExamples/Portal/Splash. I have
chosen second example (Active Mode) and adopted it to my squid 3.0
version (there is squid_session helper instead
On Sat, 2012-02-11 at 11:36 -0200, João Paulo Ferreira wrote:
Does anyone know how do I recompile my squid that was installing the
tool using yum (centos)?
I've never used yum, but you should be able to recompile by downloading
the packaged sources. The following page will probably help:
On Tue, 2012-02-07 at 17:37 +0100, Carsten Ralle wrote:
Is there a configuration (preferably without ICP) to transparently use
all three lines in parallel for a connection (e.g. HTTP/FTP-download or
data streaming) ?
How about multipath TCP? Assuming that you control both ends of your WAN
On Tue, 2012-01-24 at 09:50 -0500, Alona Rossen wrote:
How can I unsubscribe from this mailing list?
http://lmgtfy.com/?q=squid+users+unsubscribe
Third in the list.
On Wed, 2011-12-21 at 10:54 +0200, yusuf özbilgin wrote:
On Tue, 2011-12-20 at 20:18 +0200, yusuf özbilgin wrote:
Hi,
I am getting error when compile helpers/external_acl/session on freebsd
7.4.
Error details are below.
What can be the problem?
Thanks,
Yusuf
On Wed, 2011-12-21 at 11:52 +0200, yusuf özbilgin wrote:
Can you try putting the line back to #include db.h and then remove
the #if HAVE_DB_H and #endif lines. Try recompiling, and see what
error message you then get.
Same error.
When I remove the line
#include db.h
Error is
On Tue, 2011-12-20 at 20:18 +0200, yusuf özbilgin wrote:
Hi,
I am getting error when compile helpers/external_acl/session on freebsd 7.4.
Error details are below.
What can be the problem?
Thanks,
Yusuf
squid version is squid-3.2.0.14-20111219-r11470
berkeley db version is 4.8
On Tue, 2011-12-20 at 15:49 -0200, Igor NM wrote:
Hi all!
My squid cannot run any external acl script or soft
I want to restrict web access by Windows AD group..
I test with other helpers, softs and scripts in this location and other
location (ex. /tmp, /, /etc/squid3) and I got same
On Wed, 2011-11-23 at 13:28 -0800, someone wrote:
I am unable to limit the hours squid will accept requests
squid3 -v
Squid Cache: Version 3.0.STABLE8 ---yes I know its older but will do
for my needs.
Ive tried this:
acl ACLTIME time SMTWHFA 06:00-23:30
http_access allow
On Sun, 2011-11-13 at 22:29 +0530, Benjamin wrote:
Hi,
I want to use squid version on centos 6.So for that i wonder that do i
compile squid latest stable version from squid source code or should i
go with rpm package which i get from my distro.?
You're normally best using the one provided
On Sun, 2011-11-13 at 23:12 +0530, Benjamin wrote:
On 11/13/2011 10:51 PM, Andrew Beverley wrote:
On Sun, 2011-11-13 at 22:29 +0530, Benjamin wrote:
Hi,
I want to use squid version on centos 6.So for that i wonder that do i
compile squid latest stable version from squid source code
On Fri, 2011-11-11 at 10:09 -0800, someone wrote:
Im trying to Upgrade my squid install, I need to compile a newer version
of squid 3.1 on a debian machine, but when I run Make Install, it puts
everything in the wrong directories.
Does anyone know the proper Make Install command for debian
On Tue, 2011-10-25 at 02:23 +0300, Alex F wrote:
BTW, how can I find out what version is the session helper?
Cheers.
ext_session_acl -v should tell you.
It doesn't work, I already tried it.
/usr/local/squid/libexec/ext_session_acl -v
/usr/local/squid/libexec/ext_session_acl:
On Sun, 2011-10-23 at 07:41 -0700, Ivan Matala wrote:
hello, this is my code
iptables -t nat -A PREROUTING -i tun0 -p tcp -m tcp --match multiport
--dports 80 -j DNAT --to-destination 118.67.78.136:80
what im trying to do is, im trying to redirect all http requests to a
foreign proxy, but
On Sat, 2011-10-22 at 02:41 +0300, Alex F wrote:
On Wed, Oct 19, 2011 at 2:10 AM, Andrew Beverley wrote:
acl A dstdomain 192.168.235.136
acl B urlpath_regex /splash.html /check.html
http_access allow A B
The above 2 rules do not appear to be used?
Well the idea was to use
On Wed, 2011-10-19 at 12:48 -0400, Wilson Hernandez wrote:
Hello.
After attempting several suggestions from guys here in the list, I'm
still experiencing the same problem: Facebook is so sluggish that my
users are complaining everyday and is just depressing.
Today I came up with an
On Tue, 2011-10-18 at 14:44 +0300, Alex F wrote:
Hello,
I am trying to set up a splash page as an initial page, no matter what
users request.
Please note I am using Squid 3.2 with session helper 1.1 on debian 6.
Following the examples from
On Sun, 2011-10-02 at 21:50 -0700, Ivan Matala wrote:
Hello guys, do you any idea or is it possible to display a splash page
to squid proxy users? I want it like display for some specific
interval. Also can we put license agreement, in which they have to
press Yes or accept in order to browse
On Sat, 2011-09-24 at 04:18 -0700, Jim Gifford wrote:
I have setup a small proxy server at home for my kids.
My proxy is setup to allow access from 8am to 9pm on school nights. He
has an alarm clock that uses his ipod, that needs 24x7 connectivity or
his alarm clock doesn't work. Is it
Hi,
I would like to deny a request with http_access, but based on 2 ACLs. Is
there a way to do this?
The reason is that I want to produce a splash page, but only display it
between certain times. I was thinking something like:
http_access deny !new_users correct_time
where new_users and
On Mon, 2011-04-25 at 07:54 -0700, Daniel Shelton wrote:
First of all, thanks to Amos and Andrew for replying to my previous
question. I have setup squid_session with the following in
squid.conf. The result is attached below also. For whatever reason
the squid sessions are crashing and I am
On Thu, 2011-07-21 at 23:56 +0630, Mr Crack wrote:
Dear Friends,
I would like to know if there is any wifi hotspot solution software in
Linux ( free or commercial )
In Windows, that can be done with Antamedia Hotspot software.
There are instructions here if you want to roll your own:
On Sat, 2011-04-23 at 20:36 +0800, jiluspo wrote:
remote servers I mean http web servers TOS.
I already know about peers in fact current squid(as of 04/24/11) TOS are not
being marked peer(digest or icp) hit when local miss.
http://bugs.squid-cache.org/show_bug.cgi?id=3202
AFAIK squid 2
On Sat, 2011-04-23 at 21:24 +0800, jiluspo wrote:
therefore squid 3.2 still cant preserve TOS value from remote server to
clients.
Correct.
hmn. what about the zph that requires kernel patch?
zph and qos_flows are the same thing. The names differ between different
versions of Squid.
On Wed, 2011-04-20 at 05:39 -0700, Daniel Shelton wrote:
Does anyone know? Can Squid be set up as a wifi Hotspot?
For example, with a splash page that users will see before connecting?
You can use Squid for a simple splash page:
http://wiki.squid-cache.org/ConfigExamples/Portal/Splash
On Thu, 2010-12-23 at 19:05 +0100, lupuscramus wrote:
Do you know someone who managed to use the squid marked packets
to make a QoS based on ip source with classful queuing ? (cbq, htb)
Yes, I do this. For an example you could have a look at my website. It
is out of date and probably
On Wed, 2010-12-22 at 23:57 +0100, lupuscramus wrote:
Looks right for the Squid part.
Also check that Squid was built with the netfilter-conntrack library and
the QoS feature enabled.
--enable-zph-qos --with-netfilter-conntrack
when not explicitly specified for ./configure the
On Fri, 2010-10-29 at 05:48 -0700, Landy Landy wrote:
--- On Thu, 10/28/10, Andrew Beverley a...@andybev.com wrote:
From: Andrew Beverley a...@andybev.com
Subject: Re: [squid-users] Limiting user's bandwidth
To: Landy Landy landysacco...@yahoo.com
Cc: Squid-Users squid-users@squid
$tc filter add dev eth1 parent 2:0
protocol ip prio 4 handle 1003 fw classid
2:1003
I'm no expert, but I would remove the prio parameter. I
think this is
matching the prio value of a packet - probably not what you
want. I
would also change the classid to flowid.
The
On Mon, 2010-10-25 at 17:15 -0700, Landy Landy wrote:
If it's not working, then I suspect it's something wrong
with your tc
rules. Are you sure you are shaping the correct interface?
Remember that
the interface will be the opposite one to the one that you
are using for
the user
On Tue, 2010-10-26 at 08:15 -0700, Landy Landy wrote:
Here's a snip:
#!/bin/bash
#set -v
iptables='sudo iptables'
tc='sudo tc'
#$iptables -t mangle -F
#$iptables -t mangle -Z
#
## Traffic Shaping
#
## Parent ID: 1, Associated with iface: eth0
Thanks Andy for your reply and taking your time to help like always.
No problem at all.
$tc class add dev eth0 parent 1:0 classid 1:1
htb rate 900kbit ceil 945kbit
As I understand, correct me if I'm wrong, this rule is telling the
kernel how much bw we want to use globally or how
Ah, well the difference is that you are using INPUT/OUTPUT chains with
Squid, not FORWARD, so that will be the difference.
What a dreadful sentence! That will teach me to not proofread before
posting to a list...
[top posting corrected]
Are you just trying to share bandwidth fairly between users? If so, your
best bet is to change to one leaf for all your clients, but attach a
filter to it that will share bandwidth *by IP address* (see below) - the
default is to share by connection. If you want an
On Mon, 2010-10-25 at 15:39 -0700, Landy Landy wrote:
Just to confirm: you are using a recent snapshot tarball of
3.2 beta
releases to do this right? with the packet marking
netfilter libraries
built in?
No, I'm actually using Squid Cache: Version 3.0.STABLE24 (the version
that has
I would like to create a captive portal using PHP where it would
authenticate the user based on IP address and status. I tried using
php socket and redirect traffic to it with ip tables. I'm having some
problems since I can't get the customer ip address.
What's the reason that you can't
On Mon, 2010-09-27 at 14:17 -0700, Landy Landy wrote:
What's the reason that you can't get the customer IP
address?
If you can find a way to get the IP address, then you could
use the
following (which uses iptables and PHP):
On Wed, 2010-09-22 at 12:29 +0200, Han Boetes wrote:
Hi,
I installed squid and used this page to set up a splash page:
http://wiki.squid-cache.org/ConfigExamples/Portal/Splash
This works like expected, except that the customer wants it to work
slightly different.
1) He wants
On Fri, 2010-08-27 at 21:05 +1200, Amos Jeffries wrote:
Oguz Yilmaz wrote:
Is it possible for Squid to mark outgoing connection with a mark
indicating the requester for that connection. I want to try this way
for user based time quota. My aim is to catch connections acc.to the
mark
I have been looking around for a howto on this. Numerous google searches
have only lead me to half explanations, etc. Can anyone please point me
to a nice howto on setting this up.
Depending on what exactly you want to achieve, you could, of course,
also use some of the tc
I have been looking around for a howto on this. Numerous google searches
have only lead me to half explanations, etc. Can anyone please point me
to a nice howto on setting this up.
Depending on what exactly you want to achieve, you could, of course,
also use some of the tc traffic shaping
Dear Squid users,
I am currently creating a patch for Squid that offers the existing ZPH
TOS functionality, but for netfilter marks. The patch will mark packets
leaving Squid with a netfilter mark value, depending on whether they
were retrieved from local cache or somewhere upstream. It will also
Hi,
In the last few days, my store.log has suddenly started filling up
with entries such as the following:
1246200847.769 RELEASE -1 74D41A19D1E64DB54978AD277BA12FC7
? ? ? ? ?/? ?/? ? ?
Despite log rotation, the log file has hit 2GB and stopped Squid
76 matches
Mail list logo