The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-4.1 release!
This release is we believe, stable enough for general production use.
Support for Squid-3.x bug fixes has now officially ceased. Bugs in 3.5
will continue to be fixed, however the fixes will be added
On 04/07/18 12:06, Julian Perconti wrote:
> Hi all,
>
>
>
> I have installed squid 4.1 on debian 9 with openssl 1.1.0f on
> transparent mode.
>
>
>
> I need to know how to track this error: (debbuging options is almost
> impossible i mean examine the FD, etc.)
>
The SSL-Bump activity is f
On 04/07/18 11:18, Marcus Kool wrote:
> I read the changes and like them.
>
FYI: if you have a github account you should be able to post an
approve/change review, aka vote for the PR merge bot.
> I also looked at the error messages that Squid produces when helpers are
> overloaded.
> It would b
Hi all,
I have installed squid 4.1 on debian 9 with openssl 1.1.0f on transparent
mode.
I need to know how to track this error: (debbuging options is almost
impossible i mean examine the FD, etc.)
kid1| Error negotiating SSL connection on FD 19:
error:0001:lib(0):func(0):reason(1) (
I read the changes and like them.
I also looked at the error messages that Squid produces when helpers are
overloaded.
It would be nice if in external_acl.cc, helper.cc and redirect.cc the debugs(
... DBG_IMPORTANT ... ) messages have additional text like
#children, concurrency or queue-size
On 07/03/2018 10:52 AM, Marcus Kool wrote:
> I do like to see better documentation for the new queue-size option.
> Including your one-liner in squid.conf.documented is enough for me.
I wish it were that simple! For starters, there are at least six
independent and slightly different contexts wher
On 07/03/2018 12:02 PM, Vishali Somaskanthan wrote:
> Consider C1 and S1 connections were created for a HTTPs connection
> using ssl-bump. C1 has been served and closed from the client side.
Please note that C1/S1 could serve many requests before C1 got closed.
However, let's focus on the cross-c
*Thanks for the quick reply. I want to explain my question further.*
*Consider C1 and S1 connections were created for a HTTPs connection using
ssl-bump. C1 has been served and closed from the client side.*
*Now, the client initiates another HTTPS connection, C2. Since, persistent
connection is en
On 03/07/18 12:54, Alex Rousskov wrote:
On 07/03/2018 08:19 AM, Marcus Kool wrote:
If you think Squid should use a different default for all or some helper
categories, please post a proposal that documents pros and cons and
justifies the change. The URL above can be used as your guide to hel
Thanks for the clarification. The squid.conf.documented file says
The queue-size=N option sets the maximum number of queued requests to N.
which, for me at least, is hard to translate into
maximum number of requests buffered because no helper can accept it.
On 03/07/18 13:09, Alex Roussko
On 04/07/18 01:45, Amish wrote:
>
> On Tuesday 03 July 2018 06:07 PM, Amos Jeffries wrote:
>
>>> Or will it pick only last (or first) option and internal defaults for
>>> rest?
>> Each option in the directive replaces previous values of that same
>> option.
>>
>> For example;
>>
>> tls_outgoin
On Tuesday 03 July 2018 09:39 PM, Alex Rousskov wrote:
Marcus,
Based on your examples, I suspect that you are misinterpreting what
the queue is. The request is queued only when no helper can accept it.
The queue is not used for requests sent to helpers.
Alex.
Which means my previous int
Marcus,
Based on your examples, I suspect that you are misinterpreting what
the queue is. The request is queued only when no helper can accept it.
The queue is not used for requests sent to helpers.
Alex.
___
squid-users mailing list
squid-users@li
Umm, may be I mis-interpreted queue-size.
I thought queue-size indicates messages "waiting" in the queue and not
those are currently being processed.
So in case of:
url_rewrite_children 16 concurrency=4
When redirect process is busy --- its currently processing 64 urls.
So max(2*4,2*16)=3
On 07/03/2018 08:19 AM, Marcus Kool wrote:
> The original intention of this default value is have a queue that is
> twice the size of the messages being processed,
AFAICT, the "original intention" was different. The original intention
was to preserve old/unpatched Squid behavior to the extent pos
If an admin finds it necessary to configure
url_rewrite_children 16 concurrency=4
the helper subsystem is theoretically capable of processing 64 messages
simultaneously.
It does not makes sens to use max(2*4,2*16)=32 for queue-size, but should be
_at least_ 64.
Since Squid (before introducin
On 07/03/2018 06:47 AM, Ralf Hildebrandt wrote:
> * Gordon Hsiao :
>> squid4 has been released for quite a while, when will it be production
>> ready or any rough timeline on the horizon?
> I'm using annotate_transaction extensively. Is that available in
> Squid-4?
No, Squid v4 does not support a
2*NCONC*NCHILD will possibly lead to too high value as a default and the
busy-ness will never be logged.
My proposal of higher of (2*NCONC) and (2*NCHILD) would mean that load
is now regularly high enough that atleast 2 more children are needed.
We can start with that and then find a better f
On 07/03/2018 06:59 AM, Ahmad, Sarfaraz wrote:
>>> Squid does not understand WebSocket protocol (yet).
> Is supporting Websockets on the roadmap ?
Yes, we are working on tunneling WebSockets traffic after a successful
HTTP Upgrade exchange with the server (with admin permission, of course).
Alex
The original intention of this default value is have a queue that is twice the size of the messages being processed, so for helpers with concurrency=NCONC and num_children=NCHILD it makes a lot of
sense to set the default queue length to 2*NCONC*NCHILD.
I do not understand that "compatibility" wi
On Tuesday 03 July 2018 01:46 PM, Amos Jeffries wrote:
On 03/07/18 20:00, Amish wrote:
Hello,
In squid 4.1 new option "queue-size" was introduced.
In most (or all) cases default "queue-size" is set to children-max*2.
But I believe it should be higher of (children-max*2) OR (concurrency*2)
On Tuesday 03 July 2018 06:07 PM, Amos Jeffries wrote:
Or will it pick only last (or first) option and internal defaults for rest?
Each option in the directive replaces previous values of that same option.
For example;
tls_outgoing_options cipher=A cipher=B
is the same as:
tls_outg
>> Squid does not understand WebSocket protocol (yet).
Is supporting Websockets on the roadmap ?
-Original Message-
From: squid-users On Behalf Of Amos
Jeffries
Sent: Tuesday, July 3, 2018 6:15 PM
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Make websockets work wi
* Gordon Hsiao :
> squid4 has been released for quite a while, when will it be production
> ready or any rough timeline on the horizon?
I'm using annotate_transaction extensively. Is that available in
Squid-4?
--
Ralf Hildebrandt Charite Universitätsmedizin Berlin
ralf.hildebra
On 04/07/18 00:19, Ahmad, Sarfaraz wrote:
> Guys,
>
>
>
> Can you think of a way to make websockets work without splicing TLS
> connections ?
>
Squid does not understand WebSocket protocol (yet). So splicing is the
only option once the traffic is already going into the proxy.
Squid does supp
On 03/07/18 23:23, Amish wrote:
> Hello,
>
> I am trying new options in squid 4.1.
>
> For easy readability can I use tls_outgoing_options multiple times in
> squid.conf?
>
Yes. Provided the options specified on each are different.
> Like this: (Tips from
> https://wiki.squid-cache.org/ConfigE
Guys,
Can you think of a way to make websockets work without splicing TLS connections
?
I don't think on_unsupported _protocol would work here . Also would
on_unsupported_protocol work where the remote server abuses 443 for something
other than TLS ?
Regards,
Sarfaraz
_
Hello,
I am trying new options in squid 4.1.
For easy readability can I use tls_outgoing_options multiple times in
squid.conf?
Like this: (Tips from
https://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit)
tls_outgoing_options cafile=/etc/ssl/cert.pem
tls_outgoing_options opt
Hi Eliezer
I have been using your repos on CentOS for many years thank you for your hard
work.
Are you planning a stable repo for v4 now it's out.
Many Thanks
Mike
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cac
On 03/07/18 20:00, Amish wrote:
> Hello,
>
> In squid 4.1 new option "queue-size" was introduced.
>
> In most (or all) cases default "queue-size" is set to children-max*2.
>
> But I believe it should be higher of (children-max*2) OR (concurrency*2)
>
> Or it can be some better formula but the p
Hello,
In squid 4.1 new option "queue-size" was introduced.
In most (or all) cases default "queue-size" is set to children-max*2.
But I believe it should be higher of (children-max*2) OR (concurrency*2)
Or it can be some better formula but the point I am trying to make is
that, "concurrency"
31 matches
Mail list logo