On Wed, Mar 16, 2016 at 10:44 AM, Amos Jeffries <squ...@treenet.co.nz>
wrote:
> On 17/03/2016 3:03 a.m., Chris Nighswonger wrote:
> > On Wed, Mar 16, 2016 at 9:07 AM, Amos Jeffries <squ...@treenet.co.nz>
> wrote:
> >
> >> On 17/03/2016 1:57 a.m., Amos Jeffr
>>> On Thu, Mar 17, 2016 at 4:50 AM, Amos Jeffries wrote:
If its not Squid then something is playing around with the Squid port.
Best know what it is even if thats okay.
>>>
I ran a pcap on the lo if and squid's port. While running it, I opened
a browser and
So what am I missing in the following situation?
Our mail dept uses shiprush.com. The software supplied by shiprush is
not proxy-auth friendly, so I added a
acl ShipRush dstdomain .shiprush.com
and
http_access allow campusnet ShipRush
before my http_access line requiring authentication.
Yet
On Tue, Mar 16, 2010 at 5:21 PM, Amos Jeffries squ...@treenet.co.nz wrote:
On Tue, 16 Mar 2010 15:31:51 -0400, Chris Nighswonger
cnighswon...@foundations.edu wrote:
This is probably a problem with the site rather than with squid, but I
thought the list might be able to identify it as I cannot
This is probably a problem with the site rather than with squid, but I
thought the list might be able to identify it as I cannot.
Below is the entire response body.
This request works fine without squid in line.
Kind Regards,
Chris
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN
On Sat, Jan 10, 2009 at 11:01 AM, Chris Nighswonger
cnighswon...@foundations.edu wrote:
Attached is the current config. The config on the upgrade was a simple
cp of the previous config file. The only thing different now is the
addition of ignore_expect_100 on at the end per the suggestion
I'm using authentication and trying to allow unauthenticated access to
http://java.sun.com/update/1.6.0/map-1.6.0.xml and all associated
urls so Java will update transparently rather than prompting the user
for credentials. I have been trying to do this using dstdom_regex and
cannot seem to get
On Mon, Jan 12, 2009 at 11:00 AM, Amos Jeffries squ...@treenet.co.nz wrote:
Chris Nighswonger wrote:
I'm using authentication and trying to allow unauthenticated access to
http://java.sun.com/update/1.6.0/map-1.6.0.xml and all associated
urls so Java will update transparently rather than
On Fri, Jan 9, 2009 at 9:22 PM, Amos Jeffries squ...@treenet.co.nz wrote:
BTW, we started back up for the spring semester yesterday. I did my
upgrade over the break. Now I am having multiple sites (many are ssl)
unaccessible which were accessible under 2.6.STABLE12. Did I miss some
major
On Thu, Jan 8, 2009 at 11:23 PM, Amos Jeffries squ...@treenet.co.nz wrote:
Chris Robertson wrote:
Try http://www.squid-cache.org/Doc/config/ignore_expect_100/
This workaround did fix the problem for now.
That said, the squid setting is only a bandaid over the top, and only works
in that
On Fri, Jan 9, 2009 at 9:42 AM, Chris Nighswonger
cnighswon...@foundations.edu wrote:
On Thu, Jan 8, 2009 at 11:23 PM, Amos Jeffries squ...@treenet.co.nz wrote:
Chris Robertson wrote:
Try http://www.squid-cache.org/Doc/config/ignore_expect_100/
This workaround did fix the problem for now
Hi all,
I'm running Squid 2.7.STABLE3. I just moved off of 2.6.STABLE12.
We run a USPS webapp called Shipping Assistant. With 2.6, this app
worked fine. During my upgrade, I introduced no config changes. With
2.7, this app is broken. Comparing a tcpdump of the app talking direct
and then the
iPrism/Barracuda/Websense.. but now I
figure I will just let them spend the money.. ;-)
- Original Message
From: Chris Nighswonger [EMAIL PROTECTED]
To: nairb rotsak [EMAIL PROTECTED]
Cc: matlor [EMAIL PROTECTED]; squid-users@squid-cache.org
Sent: Wednesday, October 29, 2008 9:31
On Tue, Oct 28, 2008 at 6:18 AM, matlor [EMAIL PROTECTED] wrote:
I have configured squid with winbind integrated in the active directory of a
windows 2003 domain.
If I browse internet trough IE 7 everething is ok, no user and password
prompted, because of the common login. While, if I open
years now.
- Original Message
From: Chris Nighswonger [EMAIL PROTECTED]
To: matlor [EMAIL PROTECTED]
Cc: squid-users@squid-cache.org
Sent: Wednesday, October 29, 2008 8:48:39 AM
Subject: Re: [squid-users] SQUID + FIREFOX + ACTIVE DIRECTORY
On Tue, Oct 28, 2008 at 6:18 AM
On Wed, Oct 29, 2008 at 5:16 PM, nairb rotsak [EMAIL PROTECTED] wrote:
http_access allow all NTLMUsers
Does the 'all' trump the 'NTLMUsers' acl here?
Chris
- Original Message
From: Chris Nighswonger [EMAIL PROTECTED]
To: nairb rotsak [EMAIL PROTECTED]
Cc: matlor [EMAIL
Hi Dave,
On Tue, Sep 30, 2008 at 6:13 PM, Dave Dykstra [EMAIL PROTECTED] wrote:
I found out a little bit more by looking in the source code and the
generated headers and setting a few breakpoints. The squid closest to
the origin server that is down (the one at the top of the cache_peer
Hi all,
I'm preparing to move my squid to new hardware. I have two 500GB
SATA HDD's in the new box which will be used to store squid's cache
on. Any suggestions on the best raid config for these guys so as to
maximize performance?
Regards,
Chris
--
Christopher Nighswonger
Faculty Member
Is there anything I should be aware of prior to upgrading a perfectly
good working install of 2.6STABLE12 to 2.7STABLE4?
Regards,
Chris
On 10/26/07, Amos Jeffries [EMAIL PROTECTED] wrote:
It works fine when I am not on dial-up.
Big hint there to whats causing the problem.
I use squid on a dialup connection at my home on a win32 box and it
works just fine.
As Amos suggested, I would suspect an unstable dialup connection
On 9/24/07, Gustavo Uribe [EMAIL PROTECTED] wrote:
Hello list, sorry to bother you with a question, but i've been
browsing teh internets for a few hours now without finding a clue.
What im trying to do is... get in squid access.log the client IP, but
since im using dansguardian , the front
On 9/22/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
he is talking about using Windows Integrated Login to have the client
automatically log in to the proxy, just as it automatically logs in to
any other server on your network.
On 9/12/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
it's not possible (at the moment) to open 2 ADSL Ports on the same telefony
wire...
Agreed.
However, with two dry loops or live lines (or more) it is possible to
bond the circuits together for aggregate bandwidth. That being said,
the sum
On 5/21/07, Sathyan, Arjonan [EMAIL PROTECTED] wrote:
I would like to know where we are on this bug... Are we able to find any
clues why the DVD files are not getting downloaded through Squid?
It appears to be an IE bug, not Squid.
Have you tried Henrik's suggestion in his previous post?
On 5/16/07, Adrian Chadd [EMAIL PROTECTED] wrote:
On Wed, May 16, 2007, Henrik Nordstrom wrote:
tis 2007-05-15 klockan 14:34 -0700 skrev Sathyan, Arjonan:
Was there any trace from the files which I have uploaded? Can you please
tell me why I am not able to download the files which are 2GB
On 5/13/07, Pitti, Raul [EMAIL PROTECTED] wrote:
Hi!
I remember someone on the list mentioning a commercial filtering
software, wich run on RH . I think the Software company is from
australia, and what i like most is the cost.. but somehow i managed to
delete my bookmarks (to much work..., to
On 5/10/07, Starckjohann, Ove [EMAIL PROTECTED] wrote:
Hello!
We're having problems with the url of a financial magazine:
http://www.cash-online.de/
Without proxy the sites shows rapidly...with proxy squid 2.6.5-4 the
site does NOT load.
Is this an squid-issue, or where may be the problem ?
On 5/10/07, Starckjohann, Ove [EMAIL PROTECTED] wrote:
direct hit :-)
echo 0 /proc/sys/net/ipv4/tcp_window_scaling
You might want to add that to your system config (not sure where off
the top of my head) so that it will survive a reboot.
Chris
On 5/10/07, Vadim Pushkin [EMAIL PROTECTED] wrote:
I am trying to modify my ACL to prevent a specific IP address within a range
already defined in http_access and acl.
Where within this do I state *not* (!) 192.168.1.200?
acl NET_ONE src 192.168.0.0/16
or
http_access allow NET_ONE
I think
On 5/9/07, Adrian Chadd [EMAIL PROTECTED] wrote:
On Tue, May 08, 2007, Chris Nighswonger wrote:
On 5/8/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
tis 2007-05-08 klockan 18:48 -0400 skrev Chris Nighswonger:
Maybe it is a regression?
I built my STABLE12 from source and did an install
On 5/8/07, Adrian Chadd [EMAIL PROTECTED] wrote:
Hi everyone,
The new website is at http://new.squid-cache.org/. I'd like to put
this version live in the next week or so. Could I get my writings
proofed and links checked by someone with a little spare time?
Ok. I took some time to proof the
On 5/8/07, Tim Bates [EMAIL PROTECTED] wrote:
Download
indicator went form 0% to 100% in less than a second and confirmed a
download size of 554 bytes in 1 sec.
Did you happen to look at the file contents when it finished? Maybe it
contains a clue to what goes on...
I just tried that link
On 5/8/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
tis 2007-05-08 klockan 18:48 -0400 skrev Chris Nighswonger:
Maybe it is a regression?
I built my STABLE12 from source and did an install over top of STABLE9.
From what I can tell Squid-2.6.STABLE12 works just fine and the problem
is most
On 5/7/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
Anyone else able to download 2GB files with IE6 configured to use a
proxy?
Send a link to one and I'll try in the next hour or so. 98% of what we
run behind squid is IE6 7.
Chris
On 5/7/07, Chris Nighswonger [EMAIL PROTECTED] wrote:
On 5/7/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
Anyone else able to download 2GB files with IE6 configured to use a
proxy?
Send a link to one and I'll try in the next hour or so. 98% of what we
run behind squid is IE6 7.
Confirmed
On 5/7/07, Chris Nighswonger [EMAIL PROTECTED] wrote:
On 5/7/07, Chris Nighswonger [EMAIL PROTECTED] wrote:
On 5/7/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
Anyone else able to download 2GB files with IE6 configured to use a
proxy?
Send a link to one and I'll try in the next hour
On 5/4/07, Brian Kirk [EMAIL PROTECTED] wrote:
Squid 2.6 Stable 9. Ok so if I understand you correctly, it will not
drop down to basic ever with IE since it is NTLM capable, it will just
prompt you for your credentials if the credentials that were provided
weren't a member of the specific
On 5/4/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
fre 2007-05-04 klockan 13:47 -0400 skrev Chris Nighswonger:
FWIW, you can pass *realm* off on IE's NTLM prompt by
'domain\username' in the 'username' field ([EMAIL PROTECTED] may
work as well).
That's the domain, not the realm. NTLM
On 4/24/07, Brian Kirk [EMAIL PROTECTED] wrote:
Thank you Chris, but I the client_persistent_connections is on by
default, and I couldn't find a setting in the squid.conf for the
persistent_connection_after_error is that new to squid 2.6?
I'm not sure if this directive is new to 2.6, but here
On 4/23/07, Brian Kirk [EMAIL PROTECTED] wrote:
Is there a way to have it
so once a user authenticates the credentials will be stored and won't
need the ntlm helper for a set time.
Do you have client_persistent_connections enabled? You might also try
enabling persistent_connection_after_error
On 4/20/07, Allen Schmidt Sr. [EMAIL PROTECTED] wrote:
Have never had to analyze our massive squid logs before but my boss's
boss is asking if we can provide access numbers on specific IP range
blocks. Is this possible? Anyone have any suggestions or a place to
start? We have webalizer running
On 4/17/07, Suman Mukherjee [EMAIL PROTECTED] wrote:
However while I am trying to connect any instant messaging (Yahoo
messenger, MSN) through the proxy, connection is getting failed due to
authentication failure.
Are your MSN IM client setup for HTTP post method in the proxy config
section? I
On 4/8/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
Any messages in cache.log? If it's the same issue then there should be
messages about NTLM message type 3 seen when 1 expected.
That must be it. the cache.log is full of this type of entry:
[2007/04/08 20:41:45, 1]
On 4/9/07, Chris Nighswonger [EMAIL PROTECTED] wrote:
On 4/8/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
Any messages in cache.log? If it's the same issue then there should be
messages about NTLM message type 3 seen when 1 expected.
That must be it. the cache.log is full of this type
On 4/9/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
mån 2007-04-09 klockan 13:43 -0400 skrev Chris Nighswonger:
It doesn't go :(
Ok. Gave my 5 cents of information in the bug report on what I think is
the cause.
Thanks Henrik.
Chris
No takers?
On 4/5/07, Chris Nighswonger [EMAIL PROTECTED] wrote:
Hi all,
I am having an intermittent issue with squid prompting multiple
times for authentication especially which using the gmail web
interface. If I am away from the computer for any length of time, the
prompts back up so deep
program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
Here is some other info:
Browser: Firefox 1.5.0.10
Squid: 2.6.STABLE9
Any thoughts? Or is this yet another ntlm foible?
Thanks,
Chris
--
Chris Nighswonger
Network Systems Director
Foundations Bible College Seminary
On 4/1/07, Kenny Lee [EMAIL PROTECTED] wrote:
yes ...
Does this mean that you can access your site from inside with squid bypassed?
i can browse the website using internet IP address ... but if i used
the website name to browse, it come out that error msg.
Again, is this through squid or
On 3/30/07, Kenny Lee [EMAIL PROTECTED] wrote:
Hi all,sdsdsd
i am a beginner for Squid. I have setup a Squid Proxy with Suse Linux 10.2,
and i have a web server which now connecting to squid proxy to access
internet. Everythings is working fine, the web server can surf net, update
Spamassassin,
On 3/27/07, Charl Loubser [EMAIL PROTECTED] wrote:
My squid.conf :
acl local_network dst 192.168.0.0/24
acl local_dmz dst 192.168.1.0/255.255.255.240
I believe you mean 'acl local_network src 192.168.0.0/24' and 'acl
local_dmz src 192.168.1.0/255.255.255.240'
http_access allow localhost
On 3/27/07, Chris Rosset [EMAIL PROTECTED] wrote:
So just checking if the --enable-gnuregex might help, or should i go
with squidgard or squirm some other redirector?
I'm not sure what you are trying to acl, but Dansguardian works nicely
for filtering purposes.
Chris
On 3/26/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
sön 2007-03-25 klockan 17:25 -0400 skrev Chris Nighswonger:
And if you try using the squidclient command line client shipped with
Squid?
C:\squid\binsquidclient http://www.google.com
HTTP/1.0 200 OK
Cache-Control: private
Content-Type: text
On 3/26/07, Charl Loubser [EMAIL PROTECTED] wrote:
The intranet runs on a seperate server, which has Ip 192.168.1.3. It
does not seem to be able to proxy the request, and constantly hands me a
connection refused error when I try and access one of the pages.
1. Where is squid running?
2. What
On 3/26/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
mån 2007-03-26 klockan 07:17 -0400 skrev Chris Nighswonger:
There is several proxy settings in MSIE. There is the general proxy
settings, then another set per connection. Maybe more..
They say you learn something new every day. After years
Hi Guido,
On 3/25/07, Guido Serassio [EMAIL PROTECTED] wrote:
Hi,
Squid works fine on all Windows version starting from 2000 to the latest Vista.
Do you have any personal firewall running on your XP machine
I had it on, but have disabled it completely now. It still looks like
squid is not
On 3/25/07, Guido Serassio [EMAIL PROTECTED] wrote:
Maybe the same reason because squid is not working ?
Also check your antivirus software.
I tried with AV services completely disabled. No luck.
Do you can see the 3128 port in use with netstat -a command ?
With squid started:
TCP
Hi all,
I installed the windows port of squid by Acme Consulting on an XP
workstation with a dialup connection to the inet. Fixed up the
squid.conf so that squid listens on 127.0.0.1 and set the IE proxy
settings accordingly. Sadly I get no page-loads.
The cache log shows that squid starts up
On 3/23/07, Brian Bepristis [EMAIL PROTECTED] wrote:
Hey all I have squid setup and has been running for some time at one of
my customers sites however when every they visit this site with java it
keeps asking for the username and password and we are typing it in
correctly but I need to get this
On 3/14/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
The window scaling problem is unfortunately not so easy to detect in
Squid as it causes connections to hang after the request has been sent
and acknowledged making it just look like the server takes ages to
process the request, so it
On 3/14/07, Fabio Silva [EMAIL PROTECTED] wrote:
Chris, look it.. i have no ACL just one
acl network src 192.168.2.0/255.255.255.0
http_access allow network
All works good but only one site doesnt work.. the site is from Brazil
www.uol.com.br but is the users area and must have username and
On 3/13/07, Tornado [EMAIL PROTECTED] wrote:
Yes we are. Are there any known issues with NTLM and java?
Java does not seem to support transparent authentication very well. I
use ntlm_auth and had the same issue. My workaround is to add this to
my squid.conf:
acl Java browser Java/1.4
On 3/12/07, Tornado [EMAIL PROTECTED] wrote:
Hi all,
We are using squid proxy which is integrated with AD on our network without
much problems and everything seems to be working fine except when site makes
the use of Java.
Are you using ntlm?
Chris
On 3/11/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
sön 2007-03-11 klockan 16:38 +0800 skrev Adrian Chadd:
If someone would like a fun weekend project - write something to sniff
out these broken connections and insert temporary ip routes for it.
Another idea would be a test tool to see why
On 3/9/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
tor 2007-03-08 klockan 20:25 -0500 skrev Chris Nighswonger:
ip route add $THEIR_IP/32 via $MY_GATEWAY window 65535
which only limits window scaling for that destination without
interfering with your other connections
---end snip
Hi all,
I have a site (www.ncsecu.org) which has been working fine via Squid
2.6STABLE9. Several days ago it broke. Doing some investigation with
wireshark, it looks like the site has switched to HTTP 1.1.
I have checked with the list archives and understand that there is
no real support for
On 3/8/07, Adrian Chadd [EMAIL PROTECTED] wrote:
You can try the Squid-2 snapshots which include the below patch.
http://www.squid-cache.org/Versions/v2/HEAD/
Here is what I have done:
1. My current install is via yum (rpm).
2. I have configured with the same options returned from a '#squid
On 3/8/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
tor 2007-03-08 klockan 08:38 -0500 skrev Chris Nighswonger:
Hi all,
I have a site (www.ncsecu.org) which has been working fine via Squid
2.6STABLE9. Several days ago it broke. Doing some investigation with
wireshark, it looks like
On 3/8/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
tor 2007-03-08 klockan 18:46 -0500 skrev Chris Nighswonger:
It can. The default page will not load with squid in-line. No errors
at all in access.log. The browser just hangs. This happens after squid
forwards an HTTP 1.0 packet. The entire
On 3/8/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
That smells more like a tcp windows issue than an HTTP/1.1 issue..
If on Linux try the following workaround:
echo 0 /proc/sys/net/ipv4/tcp_window_scaling
this works around quite many broken firewalls not coping well with
window scaling, but
On 3/7/07, Fabio Silva [EMAIL PROTECTED] wrote:
Yes... but nothing like DENIED is logged... just normal access...
1. Does the video stream ok with squid bypassed? (ie direct connection
to the internet)
2. Post the acl and http_access portions of your squid.conf.
Chris
On 3/7/07, Michael Gichoga [EMAIL PROTECTED] wrote:
I'm fairly new to squid and I want to implement a policy to deny a
specific ip access to a particular domain e.g ebay.com How can I make
this work with acls?
Try something like
acl ebay dstdomain .ebay.com
acl restrict_ip src
On 3/5/07, Fabio Silva [EMAIL PROTECTED] wrote:
Hi all, i have no rule to block stream in my squid.conf, but when i
try to open a video from a site, the video doesnt show to me. I tryed
to create a acl with the mime type of asf video but didnt solved my
problem. Any clue?
Have you checked your
On 3/5/07, Chris Robertson [EMAIL PROTECTED] wrote:
acl proxy_a_sites dstdom_regex [-i]
c:/squid/lists/proxy_a_sites.txt
I'd suggest you start by changing this ACL to one using dstdomain.
I mentioned this in our previous exchange.
The
regular expressions you are using are far too
Hi,
I run 2.6.STABLE9. I notice that the ntlm_auth does not have a
realm parameter. How hard would it be to add this? The resulting
proxy prompt in Firefox has where the realm name should be.
Thanks,
Chris
On 3/2/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
fre 2007-03-02 klockan 12:41 -0500 skrev Chris Nighswonger:
Hi,
I run 2.6.STABLE9. I notice that the ntlm_auth does not have a
realm parameter. How hard would it be to add this? The resulting
proxy prompt in Firefox has where the realm
What version of Squid are you running? You need version 2.6 to proxy the
broken Microsoft NTLM authentication scheme.
Kinkie
sorry for the late response it version 2.5.
But i its possible with anewer version ?
As mentioned above, 2.6 works nicely.
Chris
Very nice! I like the rounded, streamlined look.
Chris
On 2/26/07, Adrian Chadd [EMAIL PROTECTED] wrote:
Hi everyone,
The Squid team has been working on a replacement website for the Squid project.
The first stage is almost complete - the only thing missing from the current
website is the
On 2/25/07, SQUID Mailing List [EMAIL PROTECTED] wrote:
Hello List,
My question is that how do
I configure squid to capture traffic from my gigabit interface?
It would be nice to have more info. But for starters:
squid.conf
http_port gigabit_addr:port_to_listen_on
Chris
.
--
Chris Nighswonger
Network Systems Director
Foundations Bible College Seminary
www.foundations.edu
www.fbcradio.org
acl proxy_a_users external win_domain_group
group_proxy_a acl proxy_a_sites dstdom_regex [-i]
c:/squid/lists/proxy_a_sites.txt
acl proxy_b_users external win_domain_group
group_proxy_b acl proxy_b_sites dstdom_regex [-i]
c:/squid/lists/proxy_b_sites.txt
Why are you using dstdom_regex as the acl
On 2/22/07, Ray Dermody [EMAIL PROTECTED] wrote:
Hi,
Thanks for that Craig, that seems to have got me a bit further now. Im
getting prompted for a username and password when I try to browse but
it accepting nothing. Under /var/log/messages Im can see ntlm_auth
(permission?) errors.
Feb 22
Hi all,
I am running Squid 2.6.STABLE9 w/ ntlm_auth and basic, both are run
against a windows DC and Firefox 1.5.0.9
If I log into a gmail account and leave the browser open, eventually
the gmail interface performs some type of refresh. At times when it
does this, squid begins to prompt for
On 2/21/07, Adrian Chadd [EMAIL PROTECTED] wrote:
On Tue, Feb 20, 2007, Chris Nighswonger wrote:
Hi All,
I am sure that this must be a common issue with proxys and NTLM.
(yuk..) My users run a variety of apps which desire to access the
internet. Many of them do not play well with NTLM auth
recently dropped and rebuilt my cache from scratch in an effort to
diagnose some other issues. The new cache has only been up for right
at 24 hours. I don't know if this may be the reason for the missing
LRU time or not.
Thanks,
Chris
--
Chris Nighswonger
Network Systems Director
Foundations Bible
authentication based on their destination domain. I am
wondering what ways others have used to address this issue and would
like to hear them. Or perhaps this is the best way.
Thanks
Chris
--
Chris Nighswonger
Network Systems Director
Foundations Bible College Seminary
www.foundations.edu
Hi all,
Last night I upgraded our squid proxy from 2.6.STABLE5 to STABLE9.
This morning I notice that the TCP_MISS rate has jumped to 47%
Have I missed something I should have done during the upgrade?
Other info:
-Cache dir type = aufs
-The original install was via yum so the upgrade was
issues I would think.
Thanks for the help.
Chris
--
Chris Nighswonger
Network Systems Director
Foundations Bible College Seminary
www.foundations.edu
www.fbcradio.org
On 2/9/07, Alan Araujo [EMAIL PROTECTED] wrote:
What is the best solution:
1 - Squid -- Dansguardian -- Squid
Or
2 - Dansguardian (2.9.8.2) -- Squid
I am running #2 and it works fantastic. My thought is the fewer
components invovled, the less there is to break.
Chris
--
Chris Nighswonger
Network Systems Director
Foundations Bible College Seminary
www.foundations.edu
www.fbcradio.org
Maybe this is helpful: http://www.reub.net/node/3
Chris
On 2/8/07, Martin Kobele [EMAIL PROTECTED] wrote:
ok,
I finally found out, after running squid in gdb how to turn on the very
detailed debug output.
So I can confirm, squid does receive all of the handshaking:
2007/02/08 15:19:45|
RCODE ATTEMPT1 ATTEMPT2 ATTEMPT3
0 107751 79 35
1000
2 2369 2268 2224
3 988 217
4000
5000
Before this issue came up, I never remember seeing
Hi all,
I am seeing a number of entries similiar to the following in my cache.log:
CACHEMGR: unknown@192.168.0.247 requesting 'ntlmauthenticator'
CACHEMGR: unknown@192.168.0.247 requesting 'idns'
They appear anywhere from 5 to 10 at a time. This corralates with
complaints of slow pageloads
On 2/6/07, Chris Nighswonger [EMAIL PROTECTED] wrote:
Hi all,
I am seeing a number of entries similiar to the following in my cache.log:
CACHEMGR: unknown@192.168.0.247 requesting 'ntlmauthenticator'
CACHEMGR: unknown@192.168.0.247 requesting 'idns'
It appears I answered my own question
Hi all,
I have been working on this problem now for a day or so. I'm running
2.6.STABLE5. Towards the end of last week various pages begin to be
slow resolving and often required several F5's to finally load. The
problem changed over the weekend to pages not resolving at all but
being redirected
/6/07, Chris Nighswonger [EMAIL PROTECTED] wrote:
Hi all,
I have been working on this problem now for a day or so. I'm running
2.6.STABLE5. Towards the end of last week various pages begin to be
slow resolving and often required several F5's to finally load. The
problem changed over the weekend
On 2/2/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
tor 2007-02-01 klockan 16:26 -0500 skrev Chris Nighswonger:
The following is my setup to handle the direct connections:
acl streamserver dstdomain .streamserver.com
acl streamport 1234
http_access deny streamserver streamport
deny_info
/ (dstdomain + port)?
2. Am I doing this entire redirect the hard way? I would think that
squid would be the logical place to take care of this. Or is it
iptables?
Thanks,
Chris
--
Chris Nighswonger
Network Systems Director
Foundations Bible College Seminary
www.foundations.edu
acl streamport 1234
Assuming this is not a typo, you forgot an important feature. The ACL type.
acl streamport port 1234
Sorry about that. It is a typo. That line in the config does include
the port ACL type.
Thanks,
Chris
I cleaned out the cache directory and used squid -z to rebuild it, and
was still seeing the same old site. I have a hard time picturing how
that's even possible ;-)
Maybe you have tried, but have you bypassed squid to see if your
browsers can see the new site direct?
Chris
Hi all,
A search of the list archives shows only one post regarding this and
that one received no answer. So
How do I use more than one redirect program with squid? Inserting
multiple redirect_program lines bungles squid. I need to run both
adzapper and squirm.
Chris
--
Chris Nighswonger
1 - 100 of 110 matches
Mail list logo