Re: [squid-users] Getting the full file content on a range request, but not on EVERY get ...

On Wed, 2016-05-11 at 21:37 -0300, Heiler Bemerguy wrote: > > Hey guys, > First take a look at the log: > root@proxy:/var/log/squid# tail -f access.log |grep http://download.c > dn.mozilla.net/pub/firefox/releases/45.0.1/update/win32/pt- > BR/firefox-45.0.1.complete.mar > 1463011781.572   8776

Re: [squid-users] Squid 4.0.10 https intercept

I create cert: openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout squidCA.pem -out squidCA.pem And export it: openssl x509 -in squidCA.pem -outform DER -out squidCA.crt Wrong? Amos Jeffries писал 2016-05-11 17:18: On 11/05/2016 11:59 p.m., admin wrote: I just thought! I

Re: [squid-users] How to analyse squid memory usage

I’ve now got mgr:mem output from a leaky box for comparison but I’m having a hard time spotting where the problem might be. Would anyone more experienced mind taking at these and seeing if anything jumps out as a source of the high memory usage? - The leaky example has 8GB of server memory

[squid-users] Getting the full file content on a range request, but not on EVERY get ...

Hey guys, First take a look at the log: root@proxy:/var/log/squid# tail -f access.log |grep http://download.cdn.mozilla.net/pub/firefox/releases/45.0.1/update/win32/pt-BR/firefox-45.0.1.complete.mar 1463011781.572 8776 10.1.3.236 TCP_MISS/206 300520 GET

[squid-users] Squid 3.5.19-1 is available for Ubuntu 14.04 LTS (online repo ubuntu.diladele.com)

Greetings everyone, The Squid 3.5.19-1 package for Ubuntu 14.04 LTS is now available. This version is recompiled using Squid DEB source from Debian Testing with some changes required to support SSL bump / libecap3 on Ubuntu 14.04 LTS. * Original release notes are at

Re: [squid-users] Problems configuring Squid with C-ICAP+Squidclamav

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Try to increase debug level in c_icap.conf: # TAG: DebugLevel # Format: DebugLevel level # Description: #The level of debugging information to be logged. #The acceptable range of levels is between 0 and 10. # Default: #DebugLevel 1

Re: [squid-users] Problems configuring Squid with C-ICAP+Squidclamav

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 11.05.16 21:04, L.P.H. van Belle пишет: > > Hai, > > > > I reviewd your config, thing whats different in c-icap.conf compared to me. > Obviously, the mindless copying and pasting the config - very bad practice, is not it? > > RemoteProxyUsers

Re: [squid-users] Problems configuring Squid with C-ICAP+Squidclamav

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Problem is not in squid. 11.05.16 21:04, C. L. Martinez пишет: > On Wed 11.May'16 at 20:53:56 +0600, Yuri Voinov wrote: >> >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA256 >> >> Second try to check changelog for your version squidclamav.

Re: [squid-users] Problems configuring Squid with C-ICAP+Squidclamav

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 As obvious, problem in squidclamav most probably. Turn debug for squidclamav then show log again. 11.05.16 21:04, C. L. Martinez пишет: > On Wed 11.May'16 at 20:53:56 +0600, Yuri Voinov wrote: >> >> -BEGIN PGP SIGNED MESSAGE- >> Hash:

Re: [squid-users] Problems configuring Squid with C-ICAP+Squidclamav

On Wed 11.May'16 at 20:53:56 +0600, Yuri Voinov wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Second try to check changelog for your version squidclamav. Looks like > you are using version still support method OPTIONS redirection which you > not permit in c-icap.conf. Which

Re: [squid-users] Problems configuring Squid with C-ICAP+Squidclamav

Hai,   I reviewd your config, thing whats different in c-icap.conf compared to me. RemoteProxyUsers off ( for you ) on for me.   Whats the content of /etc/c-icap/squidclamav.conf ? The important part for me of the file : #clamd_local /var/run/clamd.socket ! change/check this clamd_ip

Re: [squid-users] Problems configuring Squid with C-ICAP+Squidclamav

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Second try to check changelog for your version squidclamav. Looks like you are using version still support method OPTIONS redirection which you not permit in c-icap.conf. Which is desupported in squidclamav starting version 6.14, as described

Re: [squid-users] Problems configuring Squid with C-ICAP+Squidclamav

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 First check c-icap log. /var/log/c-icap/server.log 11.05.16 20:41, C. L. Martinez пишет: > Hi all, > > I am installing a new squid proxy server under OpenBSD 5.9 with C-ICAP+Squidclamav, and I am having some troubles. When squid start up and

Re: [squid-users] Problems configuring Squid with C-ICAP+Squidclamav

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 First check c-icap log. /var/log/c-icap/server.log 11.05.16 20:41, C. L. Martinez пишет: -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXM0X5AAoJENNXIZxhPexGOKgIAJps1HP2IPsh53mMfR8NLzju

[squid-users] Problems configuring Squid with C-ICAP+Squidclamav

Hi all, I am installing a new squid proxy server under OpenBSD 5.9 with C-ICAP+Squidclamav, and I am having some troubles. When squid start up and I request some web page, it is returning the following error: 2016/05/11 14:22:06 kid1| essential ICAP service is down after an options fetch

Re: [squid-users] Can`t cache always TCP_MISS

On 11/05/2016 10:43 p.m., Jacek Zaleski wrote: > Hi > i try use squid in my centos7 in 99% request i have TCP_MISS/200 > > Debugging NP: the debug log snippet you posted contains nothing relevant to the issue described. Please configure: debug_options ALL,1 20,2 and look for lines

[squid-users] Fwd: Mark outgoing connection mark same as client side mark

> On 11/05/2016 8:19 p.m., Deniz Eren wrote: >> Hi, >> >> In my system I am using netfilter marks to shape traffic(SNAT, QoS, >> etc.) however when I redirect traffic to Squid using Tproxy I lose the >> mark value(obviously). > > Not obvious at all. The MARK vaue is available to Squid, and if >

Re: [squid-users] Squid and AD => That' s don't work !

Ok, well. Its not only the squid conf you need, so here is what you need in total. https, yes works to, but im dont use sslbump etc.   below is all based on debian packages 0 source installs are used. ( if you need squid 3.5.19 in debian jessie amd64 i can share them to, ssl is enabled in

Re: [squid-users] Mark outgoing connection mark same as client side mark

On 11/05/2016 8:19 p.m., Deniz Eren wrote: > Hi, > > In my system I am using netfilter marks to shape traffic(SNAT, QoS, > etc.) however when I redirect traffic to Squid using Tproxy I lose the > mark value(obviously). Not obvious at all. The MARK vaue is available to Squid, and if configured to

Re: [squid-users] Squid 4.0.10 https intercept

On 11/05/2016 6:35 p.m., Компания АйТи Крауд wrote: > hi! > > I use squid 4.0.10 in INTERCEPT mode. If I deny some users > (ip-addresses) with > > acl users_no_inet src "/etc/squid/ip-groups/no-inet" > http_access deny users_no_inet > > ERR_ACCESS_DENIED is displayed then go to HTTP. If go to

[squid-users] Can`t cache always TCP_MISS

Hi i try use squid in my centos7 in 99% request i have TCP_MISS/200 Debugging 2016/05/11 10:45:20.752 kid1| 87,3| clientStream.cc(202) clientStreamDetach: clientStreamDetach: Detaching node 0x186e1a8 2016/05/11 10:45:20.752 kid1| 87,3| clientStream.cc(287) clientStreamFree: Freeing

Re: [squid-users] Squid and AD => That' s don't work !

Hi Squid 3.5.17 on Centos 7.2 Windows Server 2008 R2. Client Operating System: Windows 7 Regards Olivier 2016-05-11 10:13 GMT+02:00 Eliezer Croitoru : > Hey Oliver, > > > > What version of AD are you trying to authenticate against? > > What is the client Operating

[squid-users] Mark outgoing connection mark same as client side mark

Hi, In my system I am using netfilter marks to shape traffic(SNAT, QoS, etc.) however when I redirect traffic to Squid using Tproxy I lose the mark value(obviously). I saw configuration directive qos_flow but it's only applicable for incoming connections( some website -> squid -> client PC), what

Re: [squid-users] Squid and AD => That' s don't work !

On Wednesday 11 May 2016 at 10:08:30, Olivier CALVANO wrote: > Hi > > is that someone has actually used squid with ntlm AD authentication? Yes. > because it don't works really well It would be helpful if you could give us a clearer error report. Useful information for someone to be able to

Re: [squid-users] Squid and AD => That' s don't work !

Hey Oliver, What version of AD are you trying to authenticate against? What is the client Operating System? The more details you will give on the system the more possible you will get an answer(in general not from me specifically..) Eliezer Eliezer Croitoru

[squid-users] Squid and AD => That' s don't work !

Hi is that someone has actually used squid with ntlm AD authentication? because it don't works really well and no there is no one who reponds to problems, it's a shame. there is commercial support a squid? Regards Olivier ___ squid-users mailing list

[squid-users] Squid 4.0.10 https intercept

hi! I use squid 4.0.10 in INTERCEPT mode. If I deny some users (ip-addresses) with acl users_no_inet src "/etc/squid/ip-groups/no-inet" http_access deny users_no_inet ERR_ACCESS_DENIED is displayed then go to HTTP. If go to HTTPS then first I see browser's NET::ERR_CERT_AUTHORITY_INVALID,

Re: [squid-users] How to analyse squid memory usage

On 11/05/2016 4:37 p.m., Dan Charlesworth wrote: > Thanks Amos - > > Not sure how self-explanatory the output is, though. > > I’ve attached the output from a site with a 12GB server where top was showing > 2.9GB allocated to squid (this is normal e.g. “the control"). But the mem > output shows