tis 2012-05-08 klockan 10:48 +0500 skrev Ahmed Talha Khan:
I am interested in knowing how i can use squid as an SSL endpoint for
protocols other then HTTPS.
Short answer, no. Squid is an HTTP proxy.
The scenario is that i want to use its SSL
handling capability and use it for some other
ons 2012-04-18 klockan 11:08 +0500 skrev Ahmed Talha Khan:
I want to extract session 5-tuples inside squid and send them to an
ICAP servers as an argument to the service being invoked. By session
5-tuple i mean the following
Source IP
Destination IP,
Source Port,
Destination Port,
ons 2012-04-18 klockan 14:03 +0500 skrev Ahmed Talha Khan:
Thanks for the info. I am aware but that these are TCP level
identifiers. I digged into it and saw that class HttpRequest has
members client_ip, host_ip, port and my_addr. Client_ip is very
obvious and i can see that the X-Client-IP
ons 2012-04-18 klockan 17:41 +0500 skrev Ahmed Talha Khan:
What do you mean by until- then here? Does this have to do with the
vectoring point, ICAP coming in PRE_CACHE before the request going
out?
Yes.
Regards
Henrik
mån 2012-04-02 klockan 16:47 +0930 skrev Michael Hendrie:
On 06/02/2012, at 10:08 AM, Henrik Nordström wrote:
sön 2012-02-05 klockan 14:09 -0600 skrev James R. Leu:
certificate_db.cc: In member function ‘void Ssl::CertificateDb::load()’:
certificate_db.cc:455:1: error
ons 2012-03-07 klockan 10:35 -0700 skrev Alex Rousskov:
I think it is neither reasonable nor practical to make Squid v3.2
stable designation dependent on 2.x bugs, especially those filed years
ago with insufficient information. Squid v3.2 can be stable regardless
of what bugs the old 2.x
tis 2012-02-14 klockan 12:20 + skrev Alex Crow:
Strangely s_client without any additional parameters seems to work:
OpenSSL s_client -connect applyonline.abbeynational.co.uk:443
CONNECTED(0003)
Do not work for me when testing this site.
$ openssl s_client -connect
tor 2012-02-16 klockan 23:32 +0400 skrev Vyacheslav Maliev:
Thanks for your answer, but both variants are not suitable in my
situation. My proxy is working in transparent mode and there is not
possible to authenticate in this mode as i know. I can`t expose
networks behind routers because there
ons 2012-02-08 klockan 16:50 -0300 skrev Martin Nigoul:
Thanks!
You may be right about the session cookies but we are behind a
firewall so we have no way other than our proxy parents to get to any
internet site.
prefer_direct off was in place as default.
never_direct allow all
Have you
tor 2012-02-09 klockan 17:05 +0100 skrev sauro...@gmx.de:
Hi all,
i have huge problem with getting Squid working as a reverse proxy for OWA.
I have created a certificate request on my Windows Server 2008, then I
have created a certificate and converted it to .pfx. This one I could
get into
fre 2012-02-10 klockan 04:33 -0500 skrev PS:
It seems like every site that I connect to while using Squid, the
server always chooses Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
(0x0084). I'm not sure why. Exactly what does the cipher option do?
The cipher string sets the list of SSL
fre 2012-02-10 klockan 11:31 +0100 skrev Helmut Hullen:
Hallo, squid-users,
my self made squid 3.2.0.14 sometimes produces messages like
Jan 30 08:56:58 Arktur squid[4263]: Failed to select source for 'http://
ivwbox.de/'
Jan 30 08:56:58 Arktur squid[4263]: always_direct = 0
Jan 30
lör 2012-02-11 klockan 02:07 +1300 skrev Amos Jeffries:
Direct access is permitted, but DNS produced no usable results.
Should not result in failed to select source...
Regards
Henrik
sön 2012-02-12 klockan 13:12 +0100 skrev zumike:
How can I to join for the PDC itself?
You don't. It's already joined when it created the domain.
Regards
Henrik
tor 2012-02-09 klockan 23:13 -0800 skrev babajaga:
Accepted object sizes: 262144 - (unlimited) bytes
Where in cachemgr do you see this message?
Regards
Henrik
sön 2012-02-12 klockan 14:07 + skrev Jason Gauthier:
In regards to this log entry:
1329010018.324 1 192.168.71.117 TCP_DENIED/407 4067 GET
http://www.pendulus.org/loadshortpause.php - NONE/- text/html
1329010018.473 0 192.168.71.117 TCP_DENIED/407 4332 GET
sön 2012-02-12 klockan 15:19 +0100 skrev Helmut Hullen:
Jan 30 08:56:58 Arktur squid[4263]: Failed to select source for
'http:// ivwbox.de/'
Jan 30 08:56:58 Arktur squid[4263]: always_direct = 0
Jan 30 08:56:58 Arktur squid[4263]:never_direct = 0
Jan 30 08:56:58 Arktur
sön 2012-02-12 klockan 19:01 + skrev Jason Gauthier:
I attempted to add persistent_request_timeout 6 minutes, but that
did not achieve the desired effect.
That makes Squid wait at most 6 minutes for a new request after the
first completed, closing the connection if no new request is seen.
sön 2012-02-05 klockan 17:52 + skrev Alex Crow:
One example I know can reproduce this every time is:
https://applyonline.abbeynational.co.uk/olaWeb/OLALogonServlet?action=prepareapplication=OnlineBankingRegistrationServletjs=on
that's a broken server the initial client hello handshake to
sön 2012-02-05 klockan 14:09 -0600 skrev James R. Leu:
I get the following errors:
ufs/store_dir_ufs.cc: In member function 'virtual void
UFSSwapDir::statfs(StoreEntry) const':
ufs/store_dir_ufs.cc:321:55: error: unable to find string literal operator
'operator PRIu64'
What compiler and
sön 2012-02-05 klockan 17:33 -0600 skrev James R. Leu:
If squid is configure to use ICAP and the ICAP server supports
RESMOD would the ICAP server be given the full response unencrypted?
In sslbump mode yes.
Regards
Henrik
sön 2012-02-05 klockan 22:44 -0500 skrev PS:
Is there a specific place where that temp certificate is located, or
is it the same certificate that I generated using OpenSSL and is
provided to squid in the http_port option of the squid.conf?
See sslcrt_program option,.
Regards
Henrik
mån 2012-01-30 klockan 19:10 -0300 skrev Martin Nigoul:
As we try to retrieve those files through our proxy we recive
An error occurred on the server when processing the URL. Please
contact the system administrator.
If we configure one of our cache_peer parents as the proxy for the
browsers
lör 2012-02-04 klockan 15:22 +1300 skrev Amos Jeffries:
Sigh. Exchange is VERY sensitive to the nature of requests it receives.
I suspect very much that this URL re-writing is part of the problem.
Yes. You can not rewrite URLs in any manner when reverse proxying
- Exchange
- Most WebDAV
lör 2012-02-04 klockan 13:23 + skrev Jason Fitzpatrick:
I was hoping that if a client failed to authenticate then it would be
forwarded to the upstream and fall under what ever the default (un
authorized) ruleset is, known risky sites etc would be getting
filtered there,
Unfortunately
mån 2012-01-30 klockan 11:48 +0800 skrev kimi ge(巍俊葛):
Could anyone give any suggestion to configure squid as a reverse-proxy
to work with IIS/SharePoint plus NTLM?
The normal recommended setup should just work.
http_port 80 accel vhost
cache_peer ip.of.iss.server 80 0 no-query originserver
mån 2012-01-30 klockan 13:00 -0500 skrev Carter, David:
I looked in the FAQ, but I'm sure even what to call what I'm looking
for. I saw entries about redirects, but I don't see how to apply them
to what I need. I want to use Squid to intercept requests from
internal test machines and be able
tis 2012-01-31 klockan 11:38 +0800 skrev kimi ge(巍俊葛):
1. squid 2.6.23
Please use Squid-2.7.STABLE9 if using Squid-2. Not sure if connection
pinning to peers (required for NTLM) works well in 2.6.23.
http_port 192.85.142.88:80 accel defaultsite=usplsvulx104.elabs.eds.com
cache_peer
tor 2012-01-26 klockan 10:20 +0400 skrev CyberSoul:
dn: CN=internetusers,OU=KNG-Services,DC=kng,DC=local
member: CN=ldapreader,OU=KNG-Services,DC=kng,DC=local
member have full LDAP DNs.
Well, command for authorized by users I used is:
/usr/lib/squid/squid_ldap_auth -R -D ldapreader@kng.local
ons 2012-01-25 klockan 08:50 -0800 skrev Luc Igert:
Hi Amos, and thanks a lot for your answer.I Forgot to say I’m running as a
Reverse Proxy with multiple backends, Squid 3.1
What’s confusing for me is the fact that www.xxx.ch is working, while
backup.xxx.ch or wbbltest.xxx.ch aren’t.
So
ons 2012-01-04 klockan 12:48 +0200 skrev Eliezer Croitoru:
the funny thing is that fedora 16 with kernel 3.1.6 and squid 3.2.0.13
from the repo just works fine.
And have nothing special for making Squid run at all.. except not
mucking around with it and staying as close to upstream as
sön 2011-12-25 klockan 17:07 +0200 skrev Eliezer Croitoru:
acl proxy1 dstdomain secondproxy.com specialdomain1.com specialdomain2.com
always_direct deny proxy1
always_direct allow all
never_direct allow proxy1
Or clearer and easier to extend on:
cache_peer_access secondproxy.com allow
ons 2011-12-28 klockan 14:33 +1300 skrev Amos Jeffries:
In order to move to the more secure auth methods usually requires a
config setting in the LDAP to enable support for secure authentication
tokens instead of a password. If you are lucky the LDAP server already
has that turned on and
tis 2011-12-27 klockan 22:56 +0100 skrev ftiaronsem:
without problems. However I am unable to connect to google+
https://plus.google.com, getting: The connection has timed out.
Maybe Google have finally enabled some 10+ year old badly needed TCP
extensions to improve performance and your
ons 2011-12-28 klockan 15:10 +1300 skrev Amos Jeffries:
On Debian yes, it must be re-compiled with --enable-ssl. The Debian
policy has problems with the way Squid (GPLv2+) and OpenSSL
(proprietary) licenses combine.
The OpenSSL license is not an proprietary license, it's an very liberal
tor 2011-12-22 klockan 13:10 +1300 skrev Amos Jeffries:
Could also be a slow client (ie dialup modem). 68KB of data at dial
speeds of 1-2 KB/sec would take that long. Modern browsers open many
concurrent requests, which can drop modem speed down into that range
very easily.
Well, would
tis 2011-12-20 klockan 10:48 -0500 skrev Terry Dobbs:
I am using Berkley DB for the first time, perhaps that's why it takes
longer? Although, I don't really see what Berkley DB is doing for me as
I am still using flat files for my domains/urls? Guess I should take
this to the squidGuard list!
ons 2011-12-21 klockan 18:47 +0100 skrev feralert:
Maybe a dump question: why does it take so long for some TCP_MEM_HITS
to 'show up', for example i got this:
Dec 21 17:37:15 42721 192.X.X.X TCP_MEM_HIT/200 68873 GET http://example.com
Possibly ACL processing needing to wait for something
ons 2011-12-21 klockan 18:44 + skrev Jenny Lee:
It takes me a minute and half to reach full load when squid doing 100 req/sec
is sent a reconfigure. Squid barely serves anything during this time (but it
is functional). All my timeouts are low. It was not like this on 3.2.0.1.
How big
mån 2011-12-19 klockan 23:53 +1300 skrev Amos Jeffries:
Do you have a trace from this server when requesting something from the
login-required area of the site?
If the requested URL contains login credentials then anonymous FTP login
SHOULD NOT be attempted.
Regards
Henrik
mån 2011-12-19 klockan 18:35 +0200 skrev E.S. Rosenberg:
Hi all,
We have a Cisco WLC controlling our local wireless network, I would
like it for squid to know which user is associated with the IP of the
wireless client, so that I can implement user based
restrictions/freedoms for our wireless
tis 2011-12-20 klockan 14:02 +0530 skrev Benjamin:
When i remove traffic from router to squid means that time, there is no
traffic on squid box and that time also i can see same 100% cpu
utilization in top command.
Sounds like a bug.
First step, upgrade to a current release. 3.1.10 is
tis 2011-12-20 klockan 14:09 +0200 skrev E.S. Rosenberg:
About the wlc I don't know for sure yet, I can probably create a
script/program that when presented with an IP can convert it to a
username on the Radius server...
But I don't know how that would then interact with squid...
Thanks,
tis 2011-12-20 klockan 15:37 +0100 skrev Sean Boran:
It might be possible to sent the WLC logs to a syslog server, where
one could pipe into a parser to extract the pairs needed and front
there create an ACL for squid?
As soon as you from the Squid server somehow can query who is the user
at
lör 2011-12-17 klockan 19:15 +0530 skrev Sekar Duraisamy:
I have configured the log format with %{X-Forwarded-For}h . But in
this field shows - . Not showing original client IP.
Is the load balancer adding a X-Forwarded-For header?
How to configure the squid to find the original client IP in
tor 2011-12-15 klockan 11:48 -0500 skrev Michael Altfield:
I think I might have found it here (https://code.launchpad.net/~squid/squid=
/3.1), but I'm not sure if this is the STABLE repository. If it is, can som=
eone please explicitly say so in the README of the repo or on the wiki (htt=
fre 2011-12-16 klockan 12:50 +0700 skrev Widhiyanto, Projo:
I have a problem with certain website that doesn't seem to maintain
session when it is redirected after a login process. Login was
successful, but once you got redirected, the session is lost - and you
got logged out. However the
Please try testing this with squidclient or another dumb http client.
The major browsers are all pretty braindead in different manners when it
comes to non-anonymous FTP URLs and can confuse matters greatly.
Regards
Henrik
lör 2011-12-17 klockan 03:44 +0100 skrev Henrik Nordström:
tor 2011-12-15 klockan 11:48 -0500 skrev Michael Altfield:
I think I might have found it here (https://code.launchpad.net/~squid/squid=
/3.1), but I'm not sure if this is the STABLE repository. If it is, can som=
eone please
tis 2011-12-13 klockan 22:59 +1300 skrev Amos Jeffries:
Squid has resolved the domain name (www.facebook.com) the client
(10.0.2.45) was supposedly contacting and determined that the IP
(66.220.147.33) the packet was going to does not belong to that domain name.
Details about the alert
tis 2011-12-13 klockan 12:59 +0200 skrev Saleh Madi:
Dos the policy based routing make the Host header forgery detected problem.
All forms of interception runs into this.
The best cure is to get the browser configured to use the proxy. This
avoids the issue entirely.
See WPAD for one way to
manual. I'm compiling from the
source on a ubuntu 10.04LTS
Anyone else seeing this problem?
2011/8/29 Henrik Nordström hen...@henriknordstrom.net
sön 2011-08-28 klockan 04:07 -0700 skrev Yucong Sun (叶雨飞):
Hi, after turning on https_port , I start to have
debug_options are
default, which should be all,1 per manual. I'm compiling from the
source on a ubuntu 10.04LTS
Anyone else seeing this problem?
2011/8/29 Henrik Nordström hen...@henriknordstrom.net
sön 2011-08-28 klockan 04:07 -0700 skrev Yucong Sun (叶雨飞):
Hi, after turning
sön 2011-09-25 klockan 15:25 + skrev Jenny Lee:
Can someone who knows squid SNMP output devise some meaningful
templates for us to be used in rrdtool or Cacti? I think it is such a
waste to have all this info available yet nothing to use it from.
I have some rrdtool templates. Not perfect
tis 2011-08-30 klockan 14:19 +0200 skrev Rafal Zawierta:
Is it possible to use dual authentication helpers in one squid3 instance.
Kind of, but only one of each authentication type.
If user is in WinNT domain, he is authenticated against AD in negotiate mode.
If user is not in in AD, then he
tis 2011-08-30 klockan 14:25 +0200 skrev Mateusz Buc:
every server. Is squid capable of caching content which requires
'basic' authentication?
Only if excplicitly told to, and then without validating the
authenticaiton.
Responses to requests with authentication is cached if either
a) The
tis 2011-08-30 klockan 14:40 +0200 skrev webmas...@ch-lons.fr:
I'd like to use squid with both havp and dansguardian as cache_peer.
It seems I have only one cache_peer working at time.
How can I use 2 cache_peer ?
You need to chain them together. You can place them in pretty much any
order you
tis 2011-08-30 klockan 16:45 +0200 skrev webmas...@ch-lons.fr:
I just made this : Squid1 - Havp - DG - Squid2.
cache_peer is calling havp.
I defined DG as Parent proxy of HAVP.
And DG finally connect to Squid2.
Is it correct ?
Looks fine to me.
This is the only way I found for getting
mån 2011-08-22 klockan 09:54 +0800 skrev Raymond Wang:
Hi, all:
In our company, the business logic is common: different URL may
refer to the same content files. so in order to optimize the usage of
memory, it is better that Squid would keep only object cached when the
content is equal
ons 2011-08-24 klockan 15:16 +0530 skrev viswanathan sekar:
Is squid IO bound or CPU bound ?
Depends on how it's being used, your systems I/O capabilities,
configuration and many other parameters.
The main relecant prameters are
* Cache or no cache
* Forward or reverse proxy
* Type of
mån 2011-08-29 klockan 15:04 +0530 skrev senthil kumar:
When selecting cache_peer among many peers, whether peer which has
originserver, does have any preference or any special feature?
No. It simply tells Squid that this peer is a web server and expects
requests to be sent in web server
sön 2011-08-28 klockan 04:07 -0700 skrev Yucong Sun (叶雨飞):
Hi, after turning on https_port , I start to have these logs in
cache.log , which is meaningless to have on a production server,
anyway to turn it off?
-BEGIN SSL SESSION PARAMETERS-
What are your debug_options set to? This
Basically the following per site:
https_port unique-ip:443 name=site_a cert=/path/to/cert.pem accel
defaultsite=sitename.a
acl sites_a dstdomain sitename.a
cache_peer ip.of.web.server parent 443 0 name=server_a ssl no-query originserer
cache_peer_access server_a allos sites_a
But
tis 2011-08-16 klockan 16:54 -0400 skrev Carlos Manuel Trepeu Pupo:
I want to make Common Address Redundancy Protocol or CARP with two
squid 3.0 STABLE10 that I have, but here I found this question:
If the main Squid with 40 GB of cache shutdown for any reason, then
the 2nd squid will start
mån 2011-01-24 klockan 18:44 +0100 skrev Ralf Hildebrandt:
In the section case Squid and the server did not agree on the SSL
protocol.
I wonder what went wrong in that case.
Could be many things unfortunatey. But to be honest it's not worth
investigating in your case. You ended up in the
mån 2011-01-24 klockan 17:46 +1300 skrev Amos Jeffries:
AFAIK, that proper variant handling was not yet ported to squid-3. Only
in squid-2 right now.
Correct, but even the basic variant handling is 1-N. The difference is
that the basic mode do not merge equal responses, and each possible
sön 2011-01-23 klockan 23:35 -0500 skrev Max Feil:
If you look through the traces you'll notice that at some point Squid
sends a TCP [FIN, ACK] right in the middle of a connection for
seemingly no reason.
From the browser side it seems to be given no notification that the
connection was
mån 2011-01-24 klockan 12:09 -0600 skrev jam...@mail.milton.k12.wi.us:
the CONNECT function and tries to block it but it still passes through.
What does access.log report?
REgards
Henrik
tis 2011-01-25 klockan 02:01 +1300 skrev Amos Jeffries:
But to be honest we do not really need to check that POST/PUT have a
request entity. This is mostly a relic from way back when request
entities were handled very special.
Can I expect a patch soon then?
Sure. Revision 11172.
mån 2011-01-24 klockan 10:44 -0500 skrev John Craws:
Hi Amos,
Thank you for your reply.
I am wondering if squid should still be doing this if, as in my
particular case, caching is disabled on the proxy instance.
Based on my observations, it does.
It's been discussed from time to time
mån 2011-01-24 klockan 19:52 + skrev smudly Quickhands:
You are saying that I can use the same certificate on two servers by
following the instructions below? Is that legal?
Sure. Perfectly fine, and commonly done in many situations.
- reverse proxy setups, like yours
- clustered servers
mån 2011-01-24 klockan 18:39 -0200 skrev Marcus Kool:
I did not find options to configure bind/named to ignore lookups either
so I would love to see Squid have the new option.
It does.
a) If Squid is built without IPv6 support
b) If the host where Squid runs do not have IPv6 support at
lör 2011-01-22 klockan 12:16 -0500 skrev James P. Ashton:
Does anyone have any thoughts on this? I am not fond of the idea that both
squid instances stopped responding to SSL requests at the same time.
Is your OpenSSL up to date?
Regards
Henrik
tor 2011-01-20 klockan 02:50 -0500 skrev Max Feil:
Thanks. I am looking at the squid access.log and the delay is caused by
a GET which for some reason does not result in a response from the
server. Either there is no response or Squid is missing the response.
After a 120 second time-out the
fre 2011-01-21 klockan 05:45 +1300 skrev Amos Jeffries:
empty? No. If they have no content length indicated they have to be
assumed as being infinite length transfers. HTTP specs require this 411
reply message.
Not quite. Requests without an entity is always headers-only. The
infinite
fre 2011-01-21 klockan 11:31 +0100 skrev Ralf Hildebrandt:
1294685115.286 0 10.43.120.109 NONE/501 4145 POST
https://enis.eurotransplant.nl/donor-webservice/dpa?WDSL - HIER_NONE/-
text/html
So, I enabled SSL using --enable-ssl and now I'm getting:
1295605546.943313
lör 2011-01-22 klockan 23:04 +1300 skrev Amos Jeffries:
Squid caches only one of N variants so the expected behviour is that
each new variant is a MISS but becomes a HIT on repeated duplicate
requests until a new variant pushes it out of cache.
No it caches all N variants seen if the origin
sön 2011-01-23 klockan 14:14 -0800 skrev Jonathan Wolfe:
I'm using the values of asdf for a bogus Accept-Encoding value that
shouldn't trigger gzipping, and gzip for when I actually want to
invoke the module. To be clear, the webserver isn't zipping at all.
Is the web server responding with
tis 2011-01-18 klockan 08:41 -0800 skrev diginger:
Please tell me what http headers required in response for squid caching to
work.
At least one of
Last-Modified: datetime
Cache-Control: max-age=seconds
Expires: datetime
and no other headers which forbids caching.
ons 2011-01-19 klockan 13:12 +0100 skrev Rafal Zawierta:
authenticateNegotiateHandleReply: Error validating user via Negotiate.
Error returned 'BH received type 1 NTLM token'
That the client selected to use NTLM, not Kerberos. The squid_kerb_auth
helper only supports Kerberos. To support NTLM
tor 2011-01-20 klockan 01:26 +1300 skrev Amos Jeffries:
As you can see the browser is sending an NTLM handshake instead of the
Kerberos token. The current Squid auth system does not support
Negotiate/NTLM only Negotiate/Kerberos but has no way to tell IE8 that.
Technically Squid do not care
fre 2011-01-14 klockan 21:06 +0200 skrev Eda FLORAT:
if accept loosing debug symbols and get stripped binary, can we say
that stripped binary of squid will perform better?
There is a almost non-existing difference in startup time for loading
the binary. Once started there is no difference in
mån 2011-01-17 klockan 11:39 -0800 skrev Michael Leong:
Hi,
My squid installation keeps crashing w/ the following error:
assertion failed: filemap.c:78: fm-max_n_files = FILEMAP_MAX_SIZE
Which is what subject says.
Each cache_dir can hold up to 2^24 objects.
Reduce the size of your
sön 2011-01-16 klockan 20:33 -0800 skrev fix:
Persistant Connection Timeout setting, Whats a good start?
I have mine set to 120, is that ok??
It's the default, and should be reasonable.
Regards
Henrik
mån 2010-12-27 klockan 11:00 -0600 skrev Orestes Leal R.:
I've built squid 3.1.10 on openbsd4.6 sucessfuly
but my squid binary it's 40M of size, then I do a:
it's this size by default normal?
Yes.
squid gets a debug build by default?
Yes, just as is done for virtually any Open Source
tor 2011-01-13 klockan 15:38 +0300 skrev Hasanen AL-Bana:
Hi,
I am getting these every few minutes causing squid process to restart
2011/01/08 17:30:20| assertion failed: coss/store_dir_coss.c:276:
curstripe == storeCossFilenoToStripe(cs, e-swap_filen)
This is a bug.
A guess is that it's
tor 2010-12-23 klockan 11:52 -0800 skrev Alex Ray:
I've written an ad-hoc bash script, ssl_srtd_ca, that acts like the
following, but doesn't work when dropped-in. Is there some sort of
spec on how ssl_crtd communicates?
src/ssl/ssl_crtd.cc is the closest to a spec I think.
why did you need
tor 2010-12-23 klockan 13:56 -0800 skrev Alex Ray:
2010/12/23 13:54:55 kid1| Closing SSL FD 10 as lacking SSL context
in the cache.log, and in a browser bounces between Looking Up and Waiting For.
That means it failed to dynamically generate the cert, and since there
was no default cert
tor 2010-12-23 klockan 18:02 -0300 skrev Daniel Echizen:
HI, i need a best solution to implement a squid proxy in front of a
bgp. I dont know the bgp system right now, but a was thinking in a
tproxy or wccp.. any idea the best way to do this.. and also the best
hardware for 100M of link.
How
ons 2010-12-22 klockan 12:37 -0800 skrev Volker-Yoblick, Adam:
I'd like to further customize the time format of the local time (%tl) to be
%Y/%m/%d:%H:%M:%S %z , but the docs don't make it very clear on how to supply
the strftime format argument. Can someone explain what the correct syntax
lör 2010-12-18 klockan 02:25 +1300 skrev Amos Jeffries:
On 17/12/10 23:23, Nick Cairncross wrote:
Hi List,
A quick Delay Pool question..and a favour..
Currently using basic Delay Pool configuration for users:
delay_class 1 4
delay_parameters 1 -1/-1 -1/-1 -1/-1 200/200
fre 2010-11-26 klockan 21:08 + skrev Ming Fu:
Ktrace shown that the bind failed because it try to open unix socket in
/usr/local/squid/var/run and it does not have the permission. So it is easy
to fix.
After the permission is corrected, I run into other problem, here is the log
snip:
tor 2010-09-30 klockan 13:24 +1000 skrev Paul Freeman:
However on further investigation, I don't think this is the case in this
instance. For some reason, the squid GET request to www.mhhe.com (IP
12.26.55.139) takes a long time to be completed - approx. 2 minutes. Some
data is returned
Build without --enable-cache-digests, or alternatively with
--disable-cache-digests
- Ursprungsmeddelande -
* Henrik Nordström hen...@henriknordstrom.net:
tis 2010-10-12 klockan 21:48 +0200 skrev Ralf Hildebrandt:
Program received signal SIGSEGV, Segmentation fault
ons 2010-10-13 klockan 08:36 -0700 skrev cachenewbie:
Hi - In a transparent mode, is there any protocol and functional
difference between squid running in forward mode and reverse mode ? i.e.
other than talking to a dedicated backend, is reverse proxy doing the same
thing as forward proxy
mån 2010-10-11 klockan 17:07 -0500 skrev Luis Daniel Lucio Quiroz:
Helo
just wondering if someone has packe squid in android phones ARM5+
Quite unlikely. But it should be possible. But Squid currently isn't the
easiest to crosscompile I amafraid.
But I do have Squid running in Nokia N900.
ons 2010-10-13 klockan 11:15 +0800 skrev Jeff Peng:
2010/10/13 Henrik Nordström hen...@henriknordstrom.net:
But I do have Squid running in Nokia N900.
How did you make that work Henrik?
I compiled it using gcc as usual. Only had to disable optimizations
using -O0 as the GCC version used
sön 2010-09-26 klockan 23:11 +0800 skrev Kaiwang Chen:
Hi all,
Looks like mgr:mem in squid 3.1.6 mainly contains 19 columns of data.
What are the corresponding 19 headers? The following is a copy of
mgr:mem output with HTTP reponse headers removed.
Current memory usage:
Header
Pool
ons 2010-09-29 klockan 15:19 +0400 skrev c0re:
And that's true. I need to change group to squid to
winbindd_privileged AND winbindd_privileged/pipe.
Trying to figure out on to how to ask winbind to make it's pipe with
another group like winbind_priv... winbind makes it root:wheel by
ons 2010-09-29 klockan 16:13 +0400 skrev c0re:
eh...
There is no winbind/samba and etc group. No samba/winbind user.
I guess I need to configure samba to use some different group like
winbind, add this group to system.
No need to configure samba. Just add the group and assign it group
1 - 100 of 576 matches
Mail list logo