e malicious client can connect to malicious server, ask for any
server name and the malicious content could get cached by squid as a proper
response.
I guess most of admins do intercepting to avoid client configuration, not to
hide the proxies.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://ww
for RAM. With COSS or rock storage, even small files should be on-disk
cacheable and that could give you another improvement.
of course, with slow disk i/o you can't get much benefits.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
the DNS.
Check what /etc/resolv.conf points to and if all servers there are alive.
Even better, I would run bind or other resolving server locally and point
resolv.conf to 127.0.0.1
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
"maxsize" and run logrotate more often than daily to
force rotation when files grow over the limit.
I recommend rotating both access and cache files at the same time, btw.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail a
is a HTTP proxy. it's not a DNS proxy.
use DNS server or DNS proxy for that.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3 biggets
d.dat"
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Posli tento mail 100 svojim znamim - nech vidia aky si idiot
Send this email t
/v4/RELEASENOTES.html>
2. Major new features since Squid-3.5
Squid 3.6 represents a new feature release above 3.5.
The most important of these new features are:
BLAH
Most user-facing changes are reflected in squid.conf (see below).
:-)
--
Matus UHLAR - fantomas, uh...@fantomas.sk
On 06.10.15 03:02, joe wrote:
cache_dir null /tmp
this one is useless since squid-2.7 and 3.1
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu
-3.1.20 (debian 7) here
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
On the other hand, you have different fingers
On 15/09/2015 3:13 a.m., Matus UHLAR - fantomas wrote:
we have squidguard on a few servers and I'd like to redirect client's
request
directly to squid's error page, e.g. ERR_ACCESS_DENIED
Is that possible directly through e.g. internal URL, or do I have to play
with special page and acl
with starts with
CONNECT (443 port), to the cache_peer first? Rather then direct connect it?
I.e., both HTTP/HTTPS must be forwarded to cache_peer for specified
sites. No one direct connections must establishes for these sites.
Squid 3.4.14.
Which options set I must use?
--
Matus UHLAR - fantomas, uh
On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
15.09.15 23:17, Matus UHLAR - fantomas пишет:
cache_peer_access with proper ACLs should do that.
note that always_direct can avoid it.
On 15.09.15 23:33
On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
15.09.15 23:17, Matus UHLAR - fantomas пишет:
cache_peer_access with proper ACLs should do that.
note that always_direct can avoid it.
On 15.09.15 23
- fantomas пишет:
On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
cache_peer_access with proper ACLs should do that.
note that always_direct can avoid it.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
, Matus UHLAR - fantomas escreveu:
windows updates are so badly designed that the only sane way to get them
cached it running windows update server (WSUS).
On 29.09.15 09:50, Leonardo Rodrigues wrote:
WSUS works for corporate environments, not for all the others.
And caching Windows Update
Em 29/09/15 10:46, Matus UHLAR - fantomas escreveu:
hmm, when did this change?
IIRC that was big problem since updates use huge files and fetch
only parts
of them, which squid wasn't able to cache.
But i'm off for a few years, maybe M$ finally fixed that up...
On 29.09.15 13:57, Leonardo
Em 30/09/15 04:13, Matus UHLAR - fantomas escreveu:
the problem was iirc in caching partial objects
http://wiki.squid-cache.org/Features/PartialResponsesCaching
that problem could be avoided with properly setting range_offset_limit
http://www.squid-cache.org/Doc/config/range_offset_limit
ld match inside the server_name, correct?
in such case apparently kaspi\.kz should be "kaspi\.kz$"
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklam
rage module, specify it on the configure
command line:
--enable-storeio=null,...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Ent
an not see the encrypted connect,
thus it can not track it (=see what's inside).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
BSE = Mad C
unique ports. I
know that squid is somehow limited to 64 ports to listen on but i still
can run multiple instances of squid to overcome that limitation (or not?)
use the myport/myip ACL's (in 3.3 replaced by localport and localip)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
already might do the bridging.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
2B|!2B, that's a question
rectly to avoid speculations and solving the problem on the
wrong sides.
(Although, are you sure that a bridge hides MAC addresses? I thought they
passed ethernet frames from side to side as-is...)
some of them might. it's better to avoid this possibility directly at the
beginning.
--
Matus UHLAR - fa
for an
internet hostname
- dash at the begin or end of [] will eliminate the need for an underscore
[a-zA-Z0-9.-]+ should do it.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
for HTTPS server when it needs
client certificates.
The workaround you could be in verifying client certificates by squid,
pushing that info to server and webserver trusting that info...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
ot;255.255.0.0")){return "PROXY
proxy.borg.local:3128" ;}
return "DIRECT";
}
what's ${asg_hostname} ?
...I find interesting that you use proxy for 10.150.0.0/16 but not for the
internet, I would expect just the opposite.
--
Matus UHLAR - fantomas, uh...@fantomas
do you run the test?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
You have the right to remain silent. Anything you say will be misquoted
Mib and Mib; 1Mi = 2^20 read "mebi" as binary mega
however many people and programs don't use this name often...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chc
the same as HTTP
connections out of the box.
no, many http(s) clients use https differently than http.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu
Jeffries wrote:
NP: there may be some output bugs in the dumper and it produces a config
with a lot of default values explicitly set. So you definitely want to
clean it up manually afterwards.
I recommend copying default squid configuration file and put parameters that
are different.
--
Matus UHLAR
' addresses as described. That means, when more users
are NATted behind one IP, squid can't differ between them.
you can use maxuser for their usernames as they are autenticated to squid.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
thing to do with it.
It would make things much easier for me then I can install a https ready
squid directly from the repository(apt-get)
the main problem afaik is that GPLed squid can't be linked with openssl due
to license restrictions. GnuTLS should be ok
--
Matus UHLAR - fantomas, uh...@fantom
visible in squid's access.log nor the firewall logs of
the server when I click on an image to download in Whatsapp.
what do browsers say?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto
in SElinux configuration.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
We are but packets in the Internet of life (userfriendly.org
nsafe sha1 furthermore.
you can wait until someone backports squid 3.5 to jessie.
or, sha256 support to squid 3.4 (both may happen)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
of.
There could be different graphs but I don't have time to create them...
...and there could be just single template package containing all of those
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address
certificates.
and in some places neflix can refuse to provide services...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chernobyl
On 27.04.16 13:42, sebastien.boulia...@cpu.ca wrote:
I would like to know if someone use Squid with a FTPD like glFTPD or ioFTPD
or something like that.
why? squid and tpd are two different things...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
On 26.04.16 15:20, Aashima Madaan wrote:
I have kept squid between a proxy and a server. Requests and response pass
from proxy to squid to server and back.
between? Squid is a proxy, do you connect one proxy through another proxy?
Why?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
y, you can create fake clients' key and
authenticate with it, but the server (site) must accept your authority.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT aku
re proxy (explicitly, or using WPAD protocol) if you want
your clients to authenticate on them.
Or, you must use out-of-band authentication protocol (external program that
will check who is the client, e.g. who is logged on the client computer.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; ht
in Debian 8:
3.5.8
3.5.17
4.0.10
Matus UHLAR - fantomas писал 2016-05-16 11:55:
OpenSSL?
On 16.05.16 12:05, admin wrote:
Yes
Can send to email if needed
I just wanted to point out that distrib uting GPL'ed software (squid)
depending on (linked with) non-GPL/LGPL libraries is AFAIK GPL
party repo for Debian/Ubuntu that
includes SSL Bump?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #9: Out of error messages
.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie
certs).
That means, the data are encrypted between browser and remote (youtube) server
so the others only see which host and port the connection goes to, but no
details like the URL.
Once again, browser and server know the URL, but nobody between.
--
Matus UHLAR - fantomas, uh...@fantomas.
traffic?
no, in order to log more about HTTPS connections, you must effectively be
the attacker who does MITM.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
twork proxy".
what you need is to configure ubuntu to use squid.
And that question belongs to ubuntu list, not to squid list.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
instead. That one should
be able to manage time more precisely.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
My mind is like a steel trap
.
Isn't it crazy also ?
are you intercepting traffic for port 80 only?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
- Have you got anything
wonder, how came squid to change its behaviour ?
Is it something related to squid or anything else ?
what os/distro?
maybe it has upgraded the package because of security bug...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
On 07.02.17 11:58, Oğuz İsmail Uysal wrote:
Ubuntu 16.04, squid version 3.5.12 and 3.5.24 same thing for both
do you have both versions installed at once?
do you have installed them as ubuntu packages?
if so, did you change their versions?
7 Şubat 2017 Salı tarihinde, Matus UHLAR - fantomas
to fully update
the journal entries.
These are systemctl stop squid and systemctl start squid, so nothing
dramatic or nasty, should be shutting down cleanly
"should be" ... still depends on shutdown_lifetime and the systemd can still
be instructed to kill squid, look at squid.service
On 06.02.17 10:47, Anonymous cross wrote:
Is there any way to find out the packets dropped/not forwarded by squid?
Is there any debug logs/option to enable it?
squid does not work with packets. It works with connections.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
e directive do and decide what to do with XFF
header. See:
http://www.squid-cache.org/Doc/config/forwarded_for/
if there's possibility of contacting the page owner with a complaint, do that.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-ma
1
iptables -t nat -A PREROUTING -p tcp -m state --state NEW,RELATED -j
REDIRECT
just note that connections may be related to different connections than
FTP...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
?) , and how to provide properly cacheable
content.
Which is very common and also a reason why many proxy admins tend to ignore
those controls...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto
; wrote:
What squid squid[2541]: temporary disabling (Not Found) mean ?
do you see now why providing whole line of output is important?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tu
LFUDA" replacement method you can save more space, and in
such case bigger maximum_object_size will help you.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolve
?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
LSD will make your ECS screen display 16.7 million colors
On 05.09.16 23:32, Omid Kosari wrote:
Filed a bug report http://bugs.squid-cache.org/show_bug.cgi?id=4585
On 09/06/2016 08:36 AM, Matus UHLAR - fantomas wrote:
I wonder if this is doable at all.
On 06.09.16 12:02, Alex Rousskov wrote:
Yes, and Squid supports it in other contexts
On 07.09.16 09:02, mzgmedia wrote:
I've tried to compile squid with the same params as on
www1.ngtech.co.il/repo/ but the binnary size of the squid is 50M but the one
from the repo is only 6M, any idea why?
apparently unstriped binary (compiled/linked without the "-s" flag)
--
M
ter and faster than regex."
whenever you can, use dstdomain insted of dstdom_regex.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklam
On 27.08.16 01:10, Yuri Voinov wrote:
http://wiki.squid-cache.org/ConfigExamples/DynamicContent/YouTube/Discussion?highlight=%28Youtube%29
26.08.2016 23:54, Matus UHLAR - fantomas пишет:
On 26.08.16 03:16, Yuri Voinov wrote:
Everything can be much easier. Google Streaming video
?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Microsoft dick is soft to do no harm
___
squid-users
would increase performance of squid..
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes
23.10.2016 17:40, Yuri Voinov пишет:
This effect is good known to all who have worked with relational
databases. In fact, it is typical in general for all caches except
purpose-built highly scalable systems.
23.10.2016 17:37, Matus UHLAR - fantomas пишет:
> doesn't that imply k
nt codes - well, you
can do that, however the paragraph above still applies
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Remember half
your own error pages into error_directory...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proo
On 22.11.16 02:09, chcs wrote:
This site (www.infobae.com) it seems to be http. My squid configuration is
transparent and SSL interceptation. Simply I cant doesnt block anyway.
how are you trying to block?
do you see in logs that the reuests are aceually pass through squid?
--
Matus UHLAR
hink?
2. if you show proxy error message, of course they think it's proxy
3. as noted previously: different errors have different handling, specially
when server refuses to provide content, it's useless to show people the same
messahe as when "internet is down"
--
Matus UHLAR - fa
s assigned by your ISP, you can select one of them,
buy you can not use private IPs to hide your real one.
note that all your IPs can get blocked by remote servers and even by your
ISP...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail a
is opening very slowly. For ex. www.google.com
<http://www.google.com/> its taking more than 30 seconds.
In cache log showing below warning
2016/11/03 17:45:16 kid1| helperOpenServers: Starting 1/8
'ssl_crtd' processes
2016/11/03 17:45:16 kid1| WARNING: no_suid: setuid(0): (22) Invalid
--
Matus
the squid boxed after 3-4 days.
I would like to note that squid does not use memory only for cache, but for
many different uses.
do you use shared memory cache?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
because I'm using x-forwarded ?
x-forwarded-for has nothing to do with this
Maybe you should rephrase the question so we understant you better.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto
On 12.01.17 08:16, roadrage27 wrote:
sure thing here it is
http_access allow all
you allow everything at very beginning...
are you sure squid uses _this_ configuration file?
if so, are you sure squid has access to internet?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Depression is merely anger without enthusiasm
ays_direct and never_direct directives if you do not use
parent or sibling proxies.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The early bird may ge
the wiki page describes it in intercepting mode
- your router MUST support that, so is sends incoming traffic to the proxy
instead of your computer, while the destination IP is your compurer's
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to rece
I have understood the question as "does tproxy work even with configured
proxy?" which I'm also curious about.
tproxy docs only describe intercepting/wccp.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
V
already too late to bypass
it.
The only way to bypass squid is to configure router not to send connections
to it.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
On 03/20/2017 10:15 AM, Matus UHLAR - fantomas wrote:
Well, I personally will still be curious how much does SMP affect the
case of one worker and one or more diskers...
On 20.03.17 12:19, Alex Rousskov wrote:
I do not understand why you are asking this question in AUFS context.
AUFS does
uot;)
may also participate in request processing. All such Squid processes
are collectively called "kids".
Setting workers to 0 disables kids creation and is similar to
running "squid -N ...". A positive value starts that many workers.
On 03/20/2017 09:20 AM, Mat
worker and one or more diskers...
do diskers only provide I/O to the requestor?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Depr
ly
interpretation leads to the "incorrect" answer: Without -N, a
combination of "workers 1" and at least one "cache_dir rock" enables
SMP. Do not use ufs-based cache_dirs in SMP mode.
That explains it. thanks.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fa
/Strange/RotatingIPs
however you need to tell your OS (and/or router) to send different source
IPs through different connections.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
that have been possible since about Squid-2.1 or whenever
SSL support was added.
iirs this was not supported by browsers, does any support ssl-proxy
connections?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
http://wiki.squid-cache.org/MultipleInstances
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates 1998, All
443
http_acces deny !Safe_ports
http_access deny CONNECT !CONNECT_ports
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
(R)etry, (A)bort
3.5 'large rock' feature adds slots as needed to fit the
extra meta bytes. So 32KB is no longer an absolute limit.
will it waste whole slot or does it already support smaller chunks?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail a
On 03/09/2017 07:21 AM, Matus UHLAR - fantomas wrote:
I have installed squid 3.4.8 on linux 3.16/64bit (debian 8 / jessie
version)
(I know it's old, but I prefer using distribution-provided SW unless it has
real problem distribution isn't able to fix)
On 09.03.17 09:07, Alex Rousskov wrote
using rock store, start Squid with -N.
When started with -N, there will be a single process playing all four
roles (master, worker, disker, and Coordinator).
Will running with "workers 1" avoid this issue while using separate
processes for diskers?
--
Matus UHLAR - fantomas, uh...@fanto
On 10/03/2017 3:21 a.m., Matus UHLAR - fantomas wrote:
I have installed squid 3.4.8 on linux 3.16/64bit (debian 8 / jessie
version)
- does this version have known memory leaks?
http://www.squid-cache.org/Versions/v3/3.5/ChangeLog.txt
shows some leaks fixed but they all seem to be related
On 03/09/2017 09:54 AM, Matus UHLAR - fantomas wrote:
Master is not a
kid (it is a parent of all kids), the first N kids are workers, the
next D kids are diskers, and the last kid is Coordinator. Please see the
following wiki section for more details.
http://wiki.squid-cache.org/Features
Hello,
will older cachemgr.cgi work well with newer squid?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
There's a long-standing bug
On 10/03/2017 6:36 a.m., Matus UHLAR - fantomas wrote:
does it have sense to run pinger without having cache peers configured?
if I get the "Network DB Statistics:" output properly, it seems that 33% of
hosts is unreachable.
On 10.03.17 08:33, Amos Jeffries wrote:
The code using it
On 03/09/2017 10:24 AM, Matus UHLAR - fantomas wrote:
is running aufs with rock store and safe, when not running with "-N"?
On 09.03.17 11:02, Alex Rousskov wrote:
Running AUFS in SMP mode is unsafe by default but some admins use
configuration hacks to make it work for them. Pri
- restart with "workers 1" worked, but isn't that the default?
or was the creash caused by something else?
(will try to replicate)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovani
On 11.03.17 22:54, Eliezer Croitoru wrote:
The title of the email was:
"squid-4.0.18 error when running"
no, it was not, you mistook my email for someone else's
On 10/03/2017 3:32 a.m., Matus UHLAR - fantomas wrote:
will older cachemgr.cgi work well with newer squid?
Yes t
to distribution.
as I have already noted in other thread, I seem to have memory leak in squid
3.4.8 (debian 8 jessie) version, only memory cache used now.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na
).
- any hint what to search for in logs?
Thanks.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
REALITY.SYS corrupted. Press any key to reboot
1 - 100 of 402 matches
Mail list logo