Re: [squid-users] how to obtain info about actual active downloads?

On Monday 27 October 2014 at 14:32:39 (EU time), Frantisek Hanzlik wrote: Please, what is best way for determining who squid clients (their PC IP addresses) have which downloads active? I want it to determine which clients burden our slow internet line. Examining 'access.log' does not help

Re: [squid-users] TCP_DENIED/403

On Wednesday 05 November 2014 at 10:39:19 (EU time), navari.lore...@gmail.com wrote: I'm configuring a Squid Web Proxy Cache and I apply the deny policy to some sites. This is the problem: when people access sites with GET they have the right html error page ERR_ACCES_DENIED (LOG =

Re: [squid-users] Squid going through another forward proxy

On Thursday 13 November 2014 at 19:50:36 (EU time), Hector Chan wrote: Hi, Does anyone have any idea how to setup squid (reverse proxy) behind a forward proxy ? 1. Set up Squid as a forward proxy on machine A for the clients. 2. Set up Squid as a reverse proxy on machine B for the

Re: [squid-users] Blocking Chrome and QUIC

On Friday 06 February 2015 at 22:54:54 (EU time), Luis Miguel Silva wrote: As I started playing around with transparent ssl proxying, I learned that Chrome uses an alternate communication (UDP based) protocol called QUIC. I'd never heard of QUIC, and http://en.wikipedia.org/wiki/QUIC doesn't

Re: [squid-users] Is Squid can shutdown unused idle redirector's children?

On Monday 16 Feb 2015 at 16:20, Yuri Voinov wrote: root @ cthulhu / # ps axuf usage: ps [ -aAdeflcjLPyZ ] [ -o format ] [ -t termlist ] [ -u userlist ] [ -U userlist ] [ -G grouplist ] [ -p proclist ] [ -g pgrplist ] [ -s sidlist ] [ -z zonelist ] May be, you want to know my

Re: [squid-users] Squid 3.5.1 intercept / Forwarding loop detected for

On Thursday 12 Feb 2015 at 10:52, naser sonbaty wrote: Hi guys, I need your help with setting squid 3.5.1 with intercept. My topolgy Clients PC -- Router PC -- SquidPC Where is the Internet connection in the above diagram? Router: Send trafic from 80 to squid 192.168.15.2:3129 Have you

Re: [squid-users] Squid 3.5.1 intercept / Forwarding loop detected for

it. On Thu, Feb 12, 2015 at 11:58 AM, Antony Stone wrote: Have you configured the router to redirect port 80 traffic from the Client PC to Squid 3129, or have you configured it to redirect *all* port 80 traffic (including from Squid) to Squid 3129? Looks like the Router is making

Re: [squid-users] logfileHandleWrite: daemon:/var/logs/access.log: error writing ((32) Broken pipe)

On Friday 13 Feb 2015 at 09:12, Antony Stone wrote: On Friday 13 Feb 2015 at 03:53, Priya Agarwal wrote: These are the output: root@t4240qds:~# /usr/sbin/squid ls -al /var/logs/access.log Thanks, but I asked for the output of ls -al /var/logs/access.log There is no squid

Re: [squid-users] logfileHandleWrite: daemon:/var/logs/access.log: error writing ((32) Broken pipe)

On Friday 13 Feb 2015 at 11:06, Priya Agarwal wrote: So sorry. In squid.conf I had done cache_effective_user to nobody and set permissions of /var and /usr to nobody. So those are the permissions. Are you saying that /var is owned by 'nobody'? That sounds like a problem for the system to me.

Re: [squid-users] cache peer load balancing round robin problem

On Monday 16 Feb 2015 at 22:54, snakeeyes wrote: Hi , I have many account from same provider and I would like to use those accounts as round robin and each request has different IP as possible How many client machines are you trying to distribute in this way? Your example suggests you're

Re: [squid-users] squid internal? loop - with no firewall nat going on..?

On Tuesday 10 March 2015 at 15:09:14 (EU time), Klavs Klavsen wrote: so intercept mode is only used, if you actually do the nat'ing on the same server as squid is running.. You can do the NATting somewhere else; the important point is that the traffic must be NATted, not direct. ie. I

Re: [squid-users] Fwd: squid intercept config

On Friday 06 March 2015 at 14:03:28 (EU time), Monah Baki wrote: Hi All, As an addition to my yesterday's issue, Tail -f cache.log, I am getting the following: 015/03/06 13:54:02| WARNING: Forwarding loop detected for: Any ideas? Is your NAT rule catching the HTTP requests from the

Re: [squid-users] Fwd: squid intercept config

On Friday 06 March 2015 at 14:50:50 (EU time), Monah Baki wrote: http://wiki.squid-cache.org/ConfigExamples/Intercept/FreeBsdPf So something else is missing? Can you run a packet sniffer on the proxy, to see what packets come in (noting the MAC address of the previous hop), what packets go

Re: [squid-users] squid internal? loop - with no firewall nat going on..?

On Tuesday 10 March 2015 at 15:32:25 (EU time), Amos Jeffries wrote: On 11/03/2015 3:18 a.m., Antony Stone wrote: On Tuesday 10 March 2015 at 15:09:14 (EU time), Klavs Klavsen wrote: so intercept mode is only used, if you actually do the nat'ing on the same server as squid is running

Re: [squid-users] question about encrypted connection between https client and Squid

On Sunday 01 March 2015 at 19:17:22 (EU time), Yuri Voinov wrote: 02.03.15 0:07, Julianne Bielski пишет: http_port 443 ssl-bump cert=/usr/local/squid3/etc/site_priv+pub.pem http_port 3128 intercept https_port 3129 intercept ssl-bump generate-host-certificates=on

Re: [squid-users] FQDN assigned to loopback

On Tuesday 05 May 2015 at 17:41, markme wrote: I have a FQDN assigned to a loopback address for development purposes but unfortunately every time I enter in that URL into my browser it goes through Squid and is trying to access the loopback address on the squid server and not on the client

Re: [squid-users] about squid trouble

On Monday 18 May 2015 at 21:05:35 (EU time), Amaury Viera Hernández wrote: I work at the University of Computer Sciences at Havana, Cuba (6000 users aproximately). We surf using squid, but in many ocassions when we are surfing I get an error page of exceed quota telling me that the cuota of

Re: [squid-users] Having Squid listen on another port and forward all traffic to a specific address

On Friday 17 April 2015 at 18:53:10 (EU time), Jonathan Krautter wrote: Is there any way to have squid listen on an additional port and then forward any traffic on that port to a specific address? Example: proxy listens on port 4456 proxy forwards all traffic received on port 4456 to

Re: [squid-users] Squid doesn't write logs via rsyslog

On Monday 08 June 2015 at 12:53:00 (EU time), Robert Lasota wrote: the problem is it still writes logs to files /var/log/access.log or /opt/var/log/access.log (depends what I set in conf) but never to rsyslog. I mean, I have set rsyslog to it send logs to remote central server, and from

Re: [squid-users] Logging of 'indirect' requests, e.g. involving NAT or VPN

On Friday 26 Jun 2015 at 09:51, Henry S. Thompson wrote: logs will show the IP address that reached squid, ie. the source address of the connection. If that was NATted, squid will never know (and thus is not able to log) the original address before the NAT. That's what I assumed, but

Re: [squid-users] confused about ICAP and who's downloading what

On Sunday 21 June 2015 at 00:31:45 (EU time), Jason Haar wrote: When a web page is requested by a client, what component does what? Does squid do the download, pass the content to ICAP, or does it (like with parent proxies), just tell the ICAP software to do the download itself? The former -

Re: [squid-users] Logging of 'indirect' requests, e.g. involving NAT or VPN

On Friday 26 Jun 2015 at 10:42, Henry S. Thompson wrote: Antony Stone writes: It's entirely plausible (I'd even say common) for VPN clients to get 192.168 addresses; also if there's a NATting router in the path and Squid is logging its address, that could easily be 192.168

Re: [squid-users] reverse proxies and Host request header

On Friday 12 June 2015 at 17:49:38 (EU time), Julianne Bielski wrote: With virtual hosting, the client is asking for a virtual origin server's host and DNS enables the ip address for the physical host to respond. The virtual host still sees its hostname in the host header, not the physical

Re: [squid-users] reverse proxies and Host request header

On Friday 12 June 2015 at 16:08:59 (EU time), Julianne Bielski wrote: reverse proxies are always transparent from the perspective of the client and the Host header is often used by the proxy to map to the correct back end origin server. I also think they usually pass the Host header as-is

Re: [squid-users] squid version 3.5.5

On Wednesday 01 July 2015 at 13:49:00 (EU time), Paul Martin wrote: Hello, I am using 2 machines with 2 squid versions, same squid.conf and both with 700 Http requests/sec. -squid version 3.3.8: I have 40k squid cache objects -squid version 3.5.5: I have 2k squid cache objects Do

Re: [squid-users] TCP_MISS/504 in cache_peer

On Tuesday 30 Jun 2015 at 08:24, Stakres wrote: Here, it seems the parent (sibling mode) tries to do the request itself but faces an error (504 gateway timeout), it should answer to the kid it does not have the object (TCP_MISS) then the parent should download the object from internet.

Re: [squid-users] TCP_MISS/504 in cache_peer

On Tuesday 30 Jun 2015 at 08:45, Stakres wrote: There are 2 squid, sibling each of them. Squid1 (10.1.1.1): cache_peer 10.1.1.2 sibling 8182 8183 proxy-only no-tproxy Squid2 (10.1.1.2): cache_peer 10.1.1.1 sibling 8182 8183 proxy-only no-tproxy if you need more details, feel free to ask

Re: [squid-users] Squid mikrotik public IP

On Sunday 05 July 2015 at 13:27:00 (EU time), san2roy wrote: http://squid-web-proxy-cache.1019090.n4.nabble.com/file/n4672057/Network.p ng This is my setup which need to work. as i am very new in squid need your help. my setup are following Squid 3.5.5 centos 6.6 Mikrotik Router os 6

Re: [squid-users] (no subject)

On Monday 25 May 2015 at 21:50:12 (EU time), S Sarath kumar wrote: Hi, below mentioned rules only applied acl Streaming rep_mime_type video/flv video/x-flv acl mynetwork src 10.108.20.0/24 http_reply_access deny mynetwork Streaming http_access allow mynetwork 1. Please reply to the

Re: [squid-users] (no subject)

On Monday 25 May 2015 at 21:20:16 (EU time), S Sarath kumar wrote: hi i have been using squid3 on ubuntu 14.04. i want to block the stream content in my lan. hence i written a acl like below. this acl at the top. Please post the entire squid.conf (excluding blank lines / comments). That

Re: [squid-users] Strange warning - squid 3.0

On Monday 29 Jun 2015 at 09:55, Fiorenza Meini wrote: Hi, I see this error when I restart squid service: please, what does it mean: WARNING: because of this '192.168.100.164' is ignored to keep splay tree searching predictable ? It means that squid is going to ignore the address

Re: [squid-users] Deny Caching of Video and Audio

for all the domains you think you might get overly-large content from, and once you have, it's prevents caching of anything from those domains, including the acceptably small stuff. 2015-08-03 19:29 GMT-03:00 Antony Stone wrote: On Tuesday 04 August 2015 at 00:13:32, markme wrote

Re: [squid-users] Deny Caching of Video and Audio

On Tuesday 04 August 2015 at 10:28:32, Antony Stone wrote: On Tuesday 04 August 2015 at 01:39:38, Jorgeley Junior wrote: create an acl: acl youtube dstdomain .youtube.com use the directive: cache deny youtube That will prevent caching for all content from a specific domain, no matter

Re: [squid-users] Caching requests to a non standard http port help please.

On Saturday 08 August 2015 at 16:20:24, 1508 wrote: Hello, I would like to configure squid-cache to cache http requests to port 10050 on a certain server such as http://www.example.com:10050/picture.png So long as 10050 isn't listed as an unsafe port in your Squid config, it'll do this by

Re: [squid-users] Configuring squid reverse proxy

On Wednesday 12 August 2015 at 14:38:55, joseph jose wrote: Hi, I have set up squid in reverse proxy mode to cache an apache webserver hosted in linux vm. IP of my squid reverse proxy is 10.0.0.1 and 10.0.0.2 is the ip of webserver which is also a linux vm Your squid server has only one

Re: [squid-users] Presenting an internal virtual host externally as domain root folder

On Friday 14 August 2015 at 14:10:54, Arjen van der Meer wrote: Dear Antony (and Amos), Thanks again for your replies. This answers my question, however I had hoped for a solution that would make /wordpress invisible from the outside. In that case remove the ^/wordpress ACL from your squid

Re: [squid-users] random forward proxy authentication pop-up

On Monday 27 Jul 2015 at 16:53, Berkes, David wrote: I have squid configured as a forward proxy with basic authentication. All traffic flows as expected, but periodically I get an authentication pop-up indicating an origin server is requiring credentials. I check the URL via non-proxy

Re: [squid-users] useragent.log

On Monday 27 Jul 2015 at 18:45, HackXBack wrote: how i can use useragent log in 3.5.6 while no user agent log in access.log like it mentioned in http://wiki.squid-cache.org/SquidFaq/SquidLogs As the page says this log has become one of the default access.log formats and is always available

Re: [squid-users] random forward proxy authentication pop-up

On Monday 27 Jul 2015 at 17:21, Berkes, David wrote: Here is the information requested. From the log, everything looks to be normal. The log example is from the cdn0.vox-cdn.com traffic. ORIGIN URL's pixel.adsafeprotected.com cdn0.vox-cdn.com sb.scorecardresearch.com SQUID

Re: [squid-users] How to get the correct size of a denied object ?

On Monday 20 Jul 2015 at 16:27, Stakres wrote: As you know, when an object is denied by an ACl or other, the size of the object in the log file is the size of the ERR_* page. Is there a way to get the correct/real size of the blocked object ? Because here we don't care the size of the ERR

Re: [squid-users] Cache Permission Errors

On Monday 24 August 2015 at 23:41:49, kuntal_ba...@bnz.co.nz wrote: Could you please un-subscribe me ? I've sent you an unsubscribe request confirmation. Reply to it and you'll be removed from the list. Senior Infrastructure Architecture and Design Specialist Infrastructure Architecture and

Re: [squid-users] File rotation problem

On Wednesday 11 November 2015 at 13:25:56, Verónica Ovando wrote: > Hi. I need to set up correctly my logfiles rotation. I think http://serverfault.com/questions/391538/logrotate-daily-and-size might help you. > I am using logrotate with this configuration in /etc/logrotate.d/squid3: > >

Re: [squid-users] squid3.4 - MySQL, PHP script - block websites

On Sunday 15 November 2015 at 15:53:56, Jens Kallup wrote: > Hello, > > Now, I use the follow script. > But, it ends in endless search - web browser site search. > > #!/usr/bin/python > > import sys > import time > > def grant (): >sys.stdout.write( 'OK\n' ) > > def deny (): >

Re: [squid-users] ACL and http_access

On Thursday 12 November 2015 at 15:55:10, Magic Link wrote: > I want people don't have access to Internet, except one hour twice a day > with only some urls.listed in a file On 14/11/2015 11:23 p.m., Magic Link wrote: > I 've made a mistake so what i want is users can access Internet, except >

Re: [squid-users] Delay Pools Parameters

> 16.11.15 20:49, Tecnología CHARNE.NET пишет: > > Hello! > > > > I'm configuring delay pools on squid 3.5 > > > > I don't understand online doc > > [http://www.squid-cache.org/Versions/v3/3.5/cfgman/delay_parameters.html] > > about delay_parameters > > > > > > "Note that 8 x 32000

Re: [squid-users] affinity session load balancing

nk/mod/mod_proxy_balancer.html https://opensourcehacker.com/2011/04/15/sticky/ Regards, Antony. > On 16/11/2015 12:49, Antony Stone wrote: > > On Monday 16 November 2015 at 11:32:31, Patrick Chemla wrote: > >> I am doing load balancing as sourcehash, so on IP source. > >

Re: [squid-users] affinity session load balancing

On Monday 16 November 2015 at 10:35:39, Patrick Chemla wrote: > Hi, > > I am using squid for years, maybe with basic features, and I have a > problem today with an app where I need to manage multiple backends, be > sure that a user is always sent to the same one because the app writes > on local

Re: [squid-users] affinity session load balancing

o identify a session / user? Without knowing what application you're dealing with, we can't guess this for ourselves. Regards, Antony. > On 16/11/2015 11:41, Antony Stone wrote: > > On Monday 16 November 2015 at 10:35:39, Patrick Chemla wrote: > >> Hi, > >> > >

Re: [squid-users] Large Files Not Caching

On Thursday 12 November 2015 at 18:31:10, Benjamin Reed wrote: > I'm trying to set up a CDN-like frontend to our (bandwidth-constrained) > master package repository. Everything seems to be working (including > memory cache hits) except for some reason it does not seem to be > caching/keeping

Re: [squid-users] ACL and http_access

On Thursday 12 November 2015 at 15:55:10, Magic Link wrote: > Hi, > I want people don't have access to Internet, except one hour twice a day > with only some urls.listed in a file.I use the ACL type "time" and > "url_regex" but it doesn't work. Please elaborate on "it doesn't work". Do you mean

Re: [squid-users] dns_ttl positive/negative Squid 3.5.10

On Monday 02 November 2015 at 16:39:45, FredB wrote: > I want to reduce DNS requests, so I'm trying with > > positive_dns_ttl 6 hours > And > negative_dns_ttl 4 hours > If I try a false domain like test.google.com there is a response from my > DNS Servail, so ok But if I retry after a short

Re: [squid-users] Can't find file

ser at the IP address of the server? What is the output of the following command? ls -al /etc/apache2 Regards, Antony. > -Original Message- > From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On > Behalf Of Antony Stone Sent: Friday, October 30,

Re: [squid-users] Can't find file

On Friday 30 October 2015 at 16:18:16, dol...@ihcrc.org wrote: > Antony, > > I get the Apache2 Debian Default page when I got the address of the server. Excellent. > Here are the results of the command: > > root@srv-proxy:/usr/local/src/negotiate_wrapper-1.0.1# ls -al /etc/apache2 > total 96

Re: [squid-users] Can't find file

On Friday 30 October 2015 at 15:34:34, dol...@ihcrc.org wrote: > I am trying to complete the "Proxy auto configuration" portion of setting > up Squid to authenticate through Active Directory and the instructions say > to modify the file /etc/apache2/conf.d/wpad.dat. However, when I try to > save

[squid-users] Fwd: Re: HTTP 503 error in squid proxy server

This reply came to my private address. Forwarding to the list. -- Forwarded Message Starts -- Subject: Re: [squid-users] HTTP 503 error in squid proxy server Date: Saturday 07 November 2015 10:43:14 From: 聡司蛭田 <hir...@totalsolution.biz> To: Antony Stone > Dear

Re: [squid-users] Fwd: Re: HTTP 503 error in squid proxy server

On Saturday 07 November 2015 at 12:48:09, Antony Stone wrote: > This reply came to my private address. > > Forwarding to the list. > > -- Forwarded Message Starts -- > > Subject: Re: [squid-users] HTTP 503 error in squid proxy server > Date: Saturday 0

Re: [squid-users] HTTP 503 error in squid proxy server

On Saturday 07 November 2015 at 09:30:04, 聡司蛭田 wrote: > Dear > > I have question about HTTPS communication through Squid Proxy Server. > > HTTP 503 error frequency occurs. Does it also occur if you point your browser directly at the site, not via Squid? > 10.xx.xx.xx - -

Re: [squid-users] Redirect site.ca to site.qc.ca

On Wednesday 14 October 2015 at 20:33:10, sebastien.boulia...@cpu.ca wrote: > Hi, > > How do you recommend me to configure Squid to redirect request on > example.ca to example.qc.ca ? My personal recommendation would be to use a search engine such as Google to look for information about

Re: [squid-users] site http://www.domain.cpu.qc.ca work BUT http://domain.cpu.qc.ca DONT WORK

ould actually be available for Squid to fetch? Antony. > -Message d'origine- > De : squid-users [mailto:squid-users-boun...@lists.squid-cache.org] De la > part de Antony Stone Envoyé : 19 octobre 2015 13:36 > À : squid-users@lists.squid-cache.org > Objet : Re: [

Re: [squid-users] site http://www.domain.cpu.qc.ca work BUT http://domain.cpu.qc.ca DONT WORK

On Monday 19 October 2015 at 19:27:37, sebastien.boulia...@cpu.ca wrote: > 1445275480.152 5 TCP_MISS/200 9269 GET > http://www.cpu.qc.ca/ - FIRSTUP_PARENT/172.20.253.5 text/html > > 1445275241.374 0 TCP_DENIED/403 4106 GET > http://cpu.qc.ca/ - HIER_NONE/-

Re: [squid-users] SQUID: cache_dir filling up and squid imploding

On Tuesday 13 October 2015 at 16:37:10, Nelson Manuel Marques wrote: > On Tue, 2015-10-13 at 20:22 +0600, Yuri Voinov wrote: > > > > Squid has its own in-memory cache, what's the point to put the disk > > cache to the same ?! > > The problem here isn't the tmpfs, but instead Squid going 20%

Re: [squid-users] completely transparent Squid

On Thursday 27 Aug 2015 at 17:21, Arkantos wrote: the community is now wanting a caching server. i have zeroed in on CentOS+Squid+Webmin but we are unable to configure it as a completely transparent cache If your community of users wants a caching proxy server, why make it transparent?

Re: [squid-users] completely transparent Squid

On Saturday 29 Aug 2015 at 16:32, Arkantos wrote: user authentication is done from Unify MSC by matching user/pass/IP/MAC using strict method - this is the reason we need completely transparent proxy. MAC address? Really? You won't get user MAC addresses to pass through routers, or through

Re: [squid-users] Splash page ?

On Monday 31 Aug 2015 at 17:38, adricustodio wrote: > Well... now its appearing the following when i try to access... > > Internal Error: Missing Template /etc/squid/splash.html > > Ideas ? Well, sorry to be a bit obvious about this, but did you create that file when you added this line to

Re: [squid-users] Software caused connection abort

On Monday 31 Aug 2015 at 14:08, Corbo, Nelson wrote: > I'm getting failure messages in squid 3.57 for Windows, I > don't know the reason. I'll appreciate your support with this issue. We'd appreciate in return some information about: - what was the request which got aborted? -

Re: [squid-users] acl rep_header and icap respmod

On Saturday 05 September 2015 at 15:32:09, Antony Stone wrote: > On Saturday 05 September 2015 at 15:29:28, Alfredo Rezinovsky wrote: > > I'm trying to adapt response for all text/html responses. > > > > icap_service service_respmod respmod_precache > > ica

Re: [squid-users] acl rep_header and icap respmod

On Saturday 05 September 2015 at 15:29:28, Alfredo Rezinovsky wrote: > I'm trying to adapt response for all text/html responses. > > icap_service service_respmod respmod_precache > icap://127.0.0.1:1344/response > > acl html rep_header -i Content-Type text\/html > adaptation_access

Re: [squid-users] Optimezed???

On Wednesday 16 September 2015 at 22:00:27, Jorgeley Junior wrote: > I think my squid is not optimezed due the percentage of hits, see the graph > bellow: I agree with you. Regards, Antony. -- +++ Divide By Cucumber Error. Please Reinstall Universe And Reboot +++

Re: [squid-users] after changed from 3.4.13 to 3.5.8 sslbump doesn't work for the site https://banking.postbank.de/

On Tuesday 29 September 2015 at 23:50:15, HackXBack wrote: > i dont say that we want to bump pinned connection , > why squid not automatically bypass pinned connection with out decryption ?? How can Squid know that the client is using pinning? Antony. -- BASIC is to computer languages what

Re: [squid-users] squid cache

On Wednesday 30 September 2015 at 21:35:32, Magic Link wrote: > Hi,i configure squid to use cache. It seems to work because when i did a > try with a software's download, the second download is TCP_HIT in the > access.log. Congratulations. > The question i have is : why the majority of requests

Re: [squid-users] Sanitised websites

Please don't reply to entire digest posts - trim them to contain only the part you are replying to. Also please change the subject line to be more relevant. On Tuesday 22 September 2015 at 11:38:26, Mumin Coder wrote: > I need database to store sanitized websites (cleaned from javascript >

Re: [squid-users] Redirect URL's to another cache

On Tuesday 22 September 2015 at 14:57:26, Jasper Van Der Westhuizen wrote: > I have a cloud based cache peer that I use to authenticate users and filter > etc. I have a new requirement to redirect a set list of domains to another > cache peer. The list is defined in a file and only these domains

Re: [squid-users] Optimezed???

On Friday 18 September 2015 at 13:13:27, Jorgeley Junior wrote: > hey guys, forgot-me? :( Surely you can see for yourself how many connections you've had of different types? Here are the most common (all those over 100 instances) from your list of 5240 results > > 290 TAG_NONE/503 > >

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

On Monday 21 September 2015 at 21:20:19, Yuri Voinov wrote: > 22.09.15 1:15, Amos Jeffries пишет: > > > HSTS is opt-out. Strip the *response* header on the first contact and it > > disappears. > > I can't. Because first connection can't occur during ISP ban by IP. > First contact is never

Re: [squid-users] Site not Working through SQUID

On Tuesday 06 October 2015 at 17:40:11, Cristiano Nunes wrote: > I have a Squid Version 3.9.Stable13 which is working perfect. > > Today I received a complanint of a users which is not able to browse a > brazilian site. > > Squid log shows no DENY at all but the site only shows a white screen

Re: [squid-users] How to limit user traffic quota?

On Thursday 03 December 2015 at 13:34:32, GoGo net wrote: > As I do NOT want to add extra cost to squid, I will stay with the script > and try to optimise it. What do you mean by "cost"? Antony. > > On Dec 3, 2015, at 8:27 PM, Amos Jeffries wrote: > > > > On 4/12/2015

Re: [squid-users] squid docs, http_access manager : mismatch

On Thursday 03 December 2015 at 13:17:24, massimo.s...@asl.bergamo.it wrote: > http://www.squid-cache.org/Doc/config/http_access/ > > http_access allow localhost manager > > http://wiki.squid-cache.org/Features/CacheManager > > Cache manager Access Control in squid.conf >

Re: [squid-users] blocking certain file types by content

On Sunday 13 Dec 2015 at 12:31, Markus wrote: > I'm trying to protect my internal network against unconsciously > downloading executable files (like malware). All users traffic pass > through our Squid proxy. > So, tell me guys, if there is any solution for this?

Re: [squid-users] Direct Access without Proxy

On Sunday 13 Dec 2015 at 15:25, Marcio Demetrio Bacci wrote: > Hi, > > What is the best way to free access to a site without going through of the > Squid Proxy? Add an exception to the browser proxy configuration - generally most easily done using a PAC file: if (dnsDomainIs(host,

Re: [squid-users] Reverse proxy: session expired in 15 minutes

On Tuesday 15 Dec 2015 at 11:39, Roberto Carna wrote: > Dear, we have a Squid3 as reverse proxy with default configuration. > > We have a domain pointed to a web server. In this server the user > session expiration is setup in 3 hs, but each 15 minutes the session > expires. What is your

Re: [squid-users] Reverse proxy: session expired in 15 minutes

On Tuesday 15 Dec 2015 at 13:02, Roberto Carna wrote: > Development team say that a session is conformed by cookies, and the > expiration time defined is 3 hours. Squid will not change the content of the cookies (although it's possible it could remove them, depending on the configuration).

Re: [squid-users] Delay Pools or Traffic Shaping per port?!

On Sunday 03 January 2016 at 00:46:39, Christian Kunkel wrote: > Hey guys, > > is there any way i can do some traffic shaping with squid? Yes, but it's nowhere near as good as doing it with IP tools on the underlying O/S. > Its a bit complicated in my case. I can not shape through user ip

Re: [squid-users] Delay Pools or Traffic Shaping per port?!

On Sunday 03 January 2016 at 09:42:21, Christian Kunkel wrote: > Am 03.01.2016 um 01:14 schrieb Antony Stone; > > >> On Sunday 03 January 2016 at 00:46:39, Christian Kunkel wrote: > >> > >> Hey guys, > >> > >> is there any way i can do some

Re: [squid-users] Delay Pools or Traffic Shaping per port?!

On Sunday 03 January 2016 at 12:35:10, Christian Kunkel wrote: > > Am 03.01.2016 um 10:13 schrieb Antony Stone: > > > > How many users do you have? > > i wanted to put about 200-500 users on a server. is that possible? Certainly no problem for Squid, and I guess you

Re: [squid-users] ssl-bump and accel

On Tuesday 05 January 2016 at 21:03:09, Nir Krakowski wrote: > eg: /etc/hosts > mail.google.com 10.0.0.250 > as for the ssl certificate, I hope to self sign with a made up root CA. What are you trying to achieve with this setup, and have you checked whether it is legal in your country /

Re: [squid-users] Squid MAC address ACL is not worked, and how to get the MAC address Squid see?

On Friday 01 January 2016 at 14:21:38, Billy.Zheng(zw963) wrote: > $ squid -v > Squid Cache: Version 3.3.8 > configure options: > '--enable-eui' That will do MAC address matching for you. Please describe the network setup :) Antony. -- You can tell that the day just isn't going right

Re: [squid-users] Squid MAC address ACL is not worked, and how to get the MAC address Squid see?

On Friday 01 January 2016 at 13:50:20, Billy.Zheng(zw963) wrote: > Hi, all, I deploy a new Squid Server in my VPS server. > And i set a squid MAC address ACL, like following: > > it seem like: > >> acl advance_users arp ??:??:??:??:??:?? > >> http_access allow advance_users > > But it not work.

Re: [squid-users] Squid MAC address ACL is not worked, and how to get the MAC address Squid see?

On Friday 01 January 2016 at 16:03:00, Billy.Zheng(zw963) wrote: > My config is a little longer, But it worked fine in recent months. Please: 1. Describe your network setup - specifically: - what is the client-facing IP address of your Squid server? - what network range are the clients in?

Re: [squid-users] ssl-bump and accel

On Tuesday 05 January 2016 at 20:30:06, Nir Krakowski wrote: > how can you combine accel proxy with ssl-bump ? Have you looked at http://www.squid-cache.org/Doc/config/http_port/ ? You put the certificate (which would normally be on the web server) on the Squid server (because that's the

Re: [squid-users] Question about redirect

On Sunday 03 January 2016 at 20:41:51, Daniel Calin wrote: > Scenario: > External IP: 1.1.1. > Website: www.domain1.com > Website: www.domain2.com > External DNS for both sites points to 1.1.1.1 > www.domain1.com is hosted on internal LAN IP 2.2.2.1 > www.domain2.com is hosted on the internal LAN

Re: [squid-users] Squid proxy whitelisting with HTTPS URL filtering

On Monday 28 December 2015 at 16:22:58, joru.pacs wrote: > Hi! > > I am trying to set up squid to be a whitelist proxy which should be able to > filter both HTTP and HTTPS URLs. > I have already tried using SSL Bump How? What squid.conf did you use? What results did you get? What didn't

Re: [squid-users] Duplicate Headers

On Tuesday 24 November 2015 at 18:58:01, Benjamin Reed wrote: > Any idea how my X-Cache, X-Cache-Lookup, and Via: headers are getting > messed up on my accelerator configuration? > > Here's the output from a sample HEAD request: > >

Re: [squid-users] deny_info / url_rewrite_program

On Monday 30 November 2015 at 19:00:14, Jens Kallup wrote: > Hello, > > I have try a "url_rewrite_program" that should redirect a page, > that content is filtered / changed. > I add 2 lines to config: > > url_rewrite_program /sap/squid/rewrite.pl > #deny_info http://www.freenet.de

Re: [squid-users] 2 way SSL on a non standard SSL Port

On Monday 30 November 2015 at 18:53:54, Bart Spedden wrote: > I can successfully connect as long as I don't use squid for either 1 way or > 2 way TLS connections. I've also successfully connect via curl. So, I feel > like the site's certs are working well. I could be totally off base here > but

Re: [squid-users] Block google pictures

On Thursday 26 November 2015 at 13:18:46, Funke, Martin wrote: > Hello list, > > is there a way to block the access to the google picture search? > https://www.google.de/imghp?hl=de I'm going to stick my neck out and say "no", because there are just too many ways of achieving the same result

Re: [squid-users] Log user agent in squid?

On Thursday 26 November 2015 at 15:20:12, Ralf Hildebrandt wrote: > Is it possible to somehow log the user agent in squid? Our goal is to > find old/outdated versions of Windows and IE. See http://www.squid-cache.org/Doc/config/logformat/ - the very last example at the bottom shows User Agent

Re: [squid-users] squid intercept mode fo http & https

On Saturday 21 November 2015 at 17:02:56, Ahmad Alzaeem wrote: > Hi Guys I have a squid runnng in intercept mode Okay... > I have a dns to resolve all the websites to the ip of proxy Which instructions / documentation did you follow saying that was a good idea? > I want the proxy to be able

Re: [squid-users] TCP-MISS 503 for wrong destination ip

On Tuesday 24 November 2015 at 14:31:15, Ahmad Alzaeem wrote: > The DNS is not broken , it will resolve some websites to ip address of > squid and other websites will rslve to other ip That sounds pretty broken to me (unless the Squid machine really is the web server for those sites whose

Re: [squid-users] TCP-MISS 503 for wrong destination ip

On Tuesday 24 November 2015 at 12:22:40, Ahmad Alzaeem wrote: > Hi Devs , > > I have a server that send to squid http/https with wrong destination ips It has already been recommended that you fix your DNS so that it works correctly / normally. > So assume I want to open google > > The

Re: [squid-users] TCP-MISS 503 for wrong destination ip

om: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On > Behalf Of Antony Stone Sent: Tuesday, November 24, 2015 2:42 PM > To: squid-users@lists.squid-cache.org > Subject: Re: [squid-users] TCP-MISS 503 for wrong destination ip > > On Tuesday 24 November 2015 at 12:22:4

  1   2   3   4   5   6   >