Markus,
Does ufdbGuard have a Debian package or build instructions?
The last time I tried to compile it on both Debian and Ubuntu I have
encountered couple issues.
Thanks,
Eliezer
<http://ngtech.co.il/main-en/> Eliezer Croitoru
Linux System Administrator
Mobile:
+1
If the certificate is still working do the updates step by step and when you
have successfully distributed the certificate make the switch.
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid
the right mime headers for the der(also cer) and pem formats.
(use curl...)
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users On Behalf Of FredB
Sent: Wednesday, January 16, 2019 17:48
To: squid
The DB of distro mirrors on the wiki is not up-to-date but it's a nice example.
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users On Behalf Of jimc
Sent: Thursday, January 3, 2019 21:40
.
Eliezer
* I have seen security companies( AV ) that updates their root ca
certificate using the AV or agent, if running an update file/service every
startup is an option we can try to find a nice solution.
<http://ngtech.co.il/main-en/> Eliezer Croitoru
Linux System Administrator
There should be a new acl names “certificate-fetching”
So I assume you can use something like:
acl certfetch transaction_initiator certificate-fetching
http_access allow certfetch
Eliezer
<http://ngtech.co.il/main-en/> Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28
It should return:
… page.
And it takes 100 ms.
Can you re-test it?
Also make sure what happens if you run the same command from within the proxy
host and not remotely.
Another option is that there is something else between you and the proxy but it
sound odd.
Eliezer
<h
I have seen that there is a very nice squid de-duplication helper at:
https://github.com/frispete/squid_dedup
I think it's worth adding into the squid-cache Related Software section.
Eliezer
<http://ngtech.co.il/main-en/> Eliezer Croitoru
Linux System Administrator
Mobile:
provide the:
- OS and distribution
- "squid -v" output
- some of the access.log that might provide more details on if the traffic is
passing or not thru the proxy
- if linux then iptables rules
- if possible the whole squid.conf (remove or obscure any private details)
Eliezer
----
Elieze
.
It's not the fastest connection ever but it's fast enough to mirror or
download from the service without any major issues.
All The Bests,
Eliezer
<http://ngtech.co.il/lmgtfy/> Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: <mailto:elie...@ngt
not trust Squid in general then I should probably
not entrust these netfilter socket to Squid)
Thanks,
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users On Behalf Of Amos
Jeffries
Sent
.
I might be able to write an example but only in a week or more.
All The Bests,
Eliezer
<http://ngtech.co.il/lmgtfy/> Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: <mailto:elie...@ngtech.co.il> elie...@ngtech.co.il
From: squid-user
So with 4.5 we are still waiting for openssl to advance into TLS 1.3, right?
Can the thread writer add a list of these domains which can help others?
Thanks,
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message
I wrote an example helper at:
http://gogs.ngtech.co.il/NgTech-LTD/storeid-helpers
which contains vimeo mp4 specific StoreID helper.
For their images there is no need for a StoreID helper they…. Want you to cache
it.
Eliezer
<http://ngtech.co.il/main-en/> Eliezer Croitoru
Linux
to the "too much user" mark and then he can download
and upload with a speed CAP/QOS.
Eliezer
----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users On Behalf Of
Heiler Bemerguy
Sent: Monday
tub-zone/
(look for dstdom_regex or download\.microsoft\.com )
Let me know if it helps.
Eliezer
* Try to upgrade from 3.1 if possible.
* I probably can compile a newer version for your OS.
<http://ngtech.co.il/main-en/> Eliezer Croitoru
Linux System Administrator
Mo
What would be the reason to replace haproxy eactly?
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users On Behalf Of
David Touzeau
Sent: Saturday, February 23, 2019 18:31
To: squid-users
..
Thanks,
Eliezer
<http://ngtech.co.il/main-en/> Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: <mailto:elie...@ngtech.co.il> elie...@ngtech.co.il
___
squid-users mailing list
squid-users@lists.squid-ca
I do not see any context, can you redirect me towards the last email?
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users On Behalf Of FredB
Sent: Sunday, February 24, 2019 12:33
Cc: squid
enies them with a 302 to another
server so it's hard
for me to see in the browser if the chain received is full.
Thanks,
Eliezer
----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users On Behalf Of Amos
Jef
It depends on the hardware in the server grade Windows.
It can take more then 3k conn's for 100%.
It's possible that squid was not designed for windows 2k16
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From
A simple Forward proxy with a CONNECT right?
Thanks,
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: FredB
Sent: Monday, February 25, 2019 19:05
To: elie...@ngtech.co.il
Cc: squid-users@lists.squid
for windows out there? (just wondering what
and why have you choose Squid)
Thanks,
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: Van Order, Drew (US - Hermitage)
Sent: Wednesday, February 27, 2019 05
as
long as you have a working and properly configured firewall on the Server.
Let me know if something fit your needs.
If so you can try and test and maybe find the right culprit(ie windows or
linux).
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie
-proxy.tar.xz
You will need some software to make it a service but these are easy to find.
If you need a recommendation for one I will try to find.
All The Bests,
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From
know if you wish to shed more details on the configuration so I can
take my time and understand if there is a solution else then Squid.
Eliezeer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users
Others
If you are willing to share a set of domains that will be added to the wiki
as a "websocket" required for this service or set of domains wiki
I might be able to pull it off and write this ICAP service.
Eliezer
<http://ngtech.co.il/main-en/> Eliezer Croitoru
Linux
+1
The main issue is websockets.
Since Squid doesn't have websockets related code implemented in a public code
the Squid instance would break more then one connection.
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original
the if and else's but
it works much faster under heavy load.
Eliezer
<http://ngtech.co.il/main-en/> Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: <mailto:elie...@ngtech.co.il> elie...@ngtech.co.il
___
No need to compile and build it for AWS:
I already built it for both AWS 1 and 2:
http://ngtech.co.il/repo/amzn/
Can be downloaded and is tested to work very well on both OS.
Eliezer
* let me know if the package is good enough.
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5
You can replace them with dstdom_regex which will not trigger a PTR lookup.
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users On Behalf Of
Ahmad, Sarfaraz
Sent: Thursday, February 14, 2019
> http://ngtech.co.il/repo/amzn/
>
> Can be downloaded and is tested to work very well on both OS.
>
> Eliezer
Thanks, looks really good !
I guess those Amazon Linux 1 packages come from there :
http://gogs.ngtech.co.il/NgTech-LTD/squid-amzn1-squid4-rpms ?
Right ^^
> The clos
naries can be downloaded securely on a HTTPS url that contains the
certificate with SHA-256 signature:
F0:CF:CD:71:0D:A5:E0:9E:7A:6B:D8:1D:09:5E:56:AB:AD:B1:39:5F:0B:9B:63:E5:A8:B
7:88:E0:DC:5B:61:9A
Eliezer
<http://ngtech.co.il/main-en/> Eliezer Croitoru
Linux System Administrato
Can we change the default from "startup=0" to "startup=1" ?
Thanks,
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users On Behalf Of Amos
Jeffries
Sent: Saturday, Fe
there is about 241 MB which needs to be justified.
These are the basics.
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUKogaAAoJENxnfXtQ8ZQU/pUIAIh2Q1687fXSTsiUCO0jlnyO
NOD7F250EcppFwrQ4GPzDvRiNWUhzJSVzncAzJWlgQbWmoCnsvwB0C7MUN6bSOBf
ek0qmJi1m/xz1ePVFI1u1k
found a
solution to a bug that php developers consider a feature.
Also only squid 3.4 uses the OK rewrite-url=XYZ format and ERR
in squid 3.3 you use either a http://xyz; as it is or
302:http://xyz; for a redirection and a blank line for no change.
All The Bests,
Eliezer
On 09/29/2014 12:39 PM
squid.
If you find one that can do it the right way please send me a link.
Eliezer
On 09/30/2014 07:41 PM, hadi wrote:
It's possible to redirect all ports to squid ? thru iptables ? For
example port 25 smtp,143 imap, etc... Can squid handle that. In
transparent mode.
-BEGIN PGP SIGNATURE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/30/2014 08:30 PM, Leonardo Rodrigues wrote:
Other protocols, SMTP, IMAP, POP3, etc etc etc, cannot be handled
by squid.
They cannot be interpreted but can be handled with a none rule for
ssl bump.
Eliezer
-BEGIN PGP SIGNATURE-
Version
at the source code:
http://bazaar.launchpad.net/~squid/squid/3.4/view/head:/helpers/negotiate_auth/kerberos/test_negotiate_auth.sh
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUNM26AAoJENxnfXtQ8ZQUcjQH+wdS/uXIyuQfmy3fqB++6mMO
zXcJxJqJA59uAHIVMQav4FLEC9XbbWB7uFigR
.
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUR3vcAAoJENxnfXtQ8ZQUDjsIAJO8DJP4iu7k6iL3hjGPliPo
M6xmkwU1W5UZPWvAYiq+SWea6MJl4Cj+uEvgVSYuUE5Arx8GtNn0y6A8o/v02Olk
JlW66Yk8VHme9CTzlgvG15WUWND03Nv8vd/Ic/sA2AC1TODZvzgUn5jrhX6WVeZK
nPFrlqlGJk1MQ3EMK+1xaTCzTE+zBIgRBYhbWH
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey,
What is the network load? how many users?
Have you been using workers at all in the past?
Can you see the avg requests per second on the cache manager page?
Eliezer
On 10/22/2014 09:02 AM, Eugene M. Zheganin wrote:
Hi.
I was using the 3.4
://west.squid-cache.org/Versions/
shows no beta versions in the page at all.
Can you just give a direct link to the release tar.xz?
Thanks,
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUSMiEAAoJENxnfXtQ8ZQU2MYH/1T2kXVuZqTQ4DP/RdofbrfL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/05/2014 11:56 AM, Odhiambo Washington wrote:
Hi Eliezer,
That link should be fine, although my system is actually PC-BSD.
The version is the same though an old version. My exact version
is:
ftp://ftp.pcbsd.org/pub/archived/9.1-RELEASE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Two things,
- - What cisco device? what IOS?
- - What docs in cisco have you tried to use?
Eliezer
On 11/08/2014 10:18 PM, Ahmed Allzaeem wrote:
Hi ,
Im trying to implemnte wccp/tproxy between squid cisco
I have :
wccp2HandleUdp: fatal
- - access logs
Eliezer
On 11/10/2014 11:17 AM, Jason Haar wrote:
Hi there, I've googled about for this but I think most of the
squid intercept stuff refers to 3.2 and I think things have changed
since then?
I have squid-3.4.9 running with sslbump, and when I configure my
browser to use
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey,
Your configuration seems to not include any iptables and other
relevant details.
What is this machine details?
Eliezer
On 11/11/2014 04:20 PM, Job wrote:
Hello,
i initialize correctly SSL Bump with Squid 3.4.4, following some
guides
with squid.
As I have mentioned before you should also provide your OS.
If you are using CentOS for example there is a nice RPM that will
might reduce your self compilation efforts.
All The Bests,
Eliezer
On 11/18/2014 07:59 PM, Frank wrote:
Hi,
Since upgrading from 3.1.22 to 3.4.8 I have been
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/18/2014 12:09 AM, Eliezer Croitoru wrote:
HTML version at: http://www1.ngtech.co.il/repo/release-3.4.9.html I
am happy to release the new RPMs of squid 3.4.9 and 3.5.0.2 beta
for Centos 6.6 64bit.
All The Bests, Eliezer Croitoru
Addition
system to get a token?
Thanks,
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUcweKAAoJENxnfXtQ8ZQUy7oH/ieegXDfKslc8NPYgzkRfpRW
JVYcRB9gqVEQSEpphznVz3s4PTuspYYKmNnr1uWMnUQRC906GPaa326j+EMtQ9Eq
mcPc2dBU7jyMkj5V4EUAJlMZ+29YzDFKSAAJkf4/cYX5ik1JKOMyIljaKF5O4PQU
HNhSUVrQ
at the
same time.
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUc2A0AAoJENxnfXtQ8ZQUW6UH/2HM/FHijhGozGUlCHMc3hpi
IdBQhEWjkKAYmTmI44ZhULPn/Nc76qBbHW8cRBhU4ziOJLyQ/Wq9yFKa8g4HS7IS
pJBzQum+fP2eVbUVz1kqjggq2sPnEe8SNtLr99sF25UoocTf/thl3ssoKOqHgudb
1vgRIQoDMB1SMqQ5XAQ
research about it.
All The Bests,
Eliezer Croitoru
On 11/24/2014 10:42 PM, James Harper wrote:
Seems like the sort of thing you could test with a minimum of
effort...
James
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUc7NcAAoJENxnfXtQ8ZQUb0AH/j1b5RjHNRDVWrLyaItl0Xh0
list.
Thanks,
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUdMtsAAoJENxnfXtQ8ZQUgsIIAIl5CUYcvYWIY4rNhG8ZTBWe
4oB08L0yHWPt7lbN/PEksxp+8dsJo5ZD0VTXMHD7CwRh+sIy8Nb01HaW+Rpb8hDD
CzFJjAnscEw99kJr+0Yv9WZ+Ba+O6JfbmzFdozV6fHrnD4fd4L8Kni3EXCUcL1KS
iUHepiOkLq
with PMTU or iptables clamping it will help to
test it more in depth.
I assume that you are using a Linux OS and I would prefer to get some
details about it as a starter.
Thanks,
Eliezer
On 10/09/2014 02:04 AM, glenn.gro...@bradnams.com.au wrote:
Could squid be getting mixed up when mulipule https
for the public list.
Eliezer Croitoru
On 12/08/2014 01:30 PM, Stakres wrote:
Hi All,
New build 2.05
https://sourceforge.net/projects/squidvideosbooster
- New option -g to enable the Global Generic Patterns acting
with not-yet identified websites. This option will do its best to
de-duplicate all
distribution.
I can tell you that it works on ubuntu and others can test it on
CentOS and many others.
I wish you All The Bests and good luck with the product!
Eliezer
On 12/08/2014 01:55 PM, Stakres wrote:
Hi Eliezer,
/Would squid debug_options relevant to StoreID feature be enough
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey Glen,
Since openssls_client is showing you this error I assume squid
received the same response.
We do need to verify why the connection is being hangs.
For now it seems like not 100% squid related issue.
Eliezer
On 12/09/2014 01:57 AM
and I can test settings if needed.
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUiLeRAAoJENxnfXtQ8ZQUtq0H/Aox2HOHCE3LEwG905aEJrzd
dWdMU4iiW1SSccytj+dyFmBLd9b81XrhMaEL1AO0+GLDA3vhz6PvYS3waarcRYKw
VxHIDpWfku1ulB9Z1J+1rOtt+nYFDBRgLhg8daC2bugx8UXjAtHsjzV+sDuwaxbe
ip5snjTYN0
object?
If so or not what suppose to happen?
Thanks,
Eliezer
On 05/20/2014 07:51 PM, Amos Jeffries wrote:
On 21/05/2014 3:43 a.m., Tom Holder wrote:
Hi all,
I've setup squid to proxy everything to a single server I have.
Based on a header, I might want to serve a different version
object?
If so or not what suppose to happen?
Thanks,
Eliezer
On 05/20/2014 07:51 PM, Amos Jeffries wrote:
On 21/05/2014 3:43 a.m., Tom Holder wrote:
Hi all,
I've setup squid to proxy everything to a single server I have.
Based on a header, I might want to serve a different version
it will help you lowering the need to rely on a feature which might
contain a bug.
All The Bests,
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUiefuAAoJENxnfXtQ8ZQUnQ8H/jdvuq4C8CnUHwwKRkSBpKnC
CZCigPRw9bJyhxHia2ZF3f+UEXkWLzi6oGzhX9oHV6zm0/sT5bpY35axV77/Fzep
the RPM from my repository?
Eliezer
On 12/22/2014 11:35 PM, Derek Cole wrote:
Hello,
I have a succesful version of squid installed on a CentOS 6.5 box,
and another Centos65 box where it is not working when I type
service squid start Both boxes have the identical squid
configuration, and i
of couple from my experience:
- - basic permissions issue
- - selinux enforcement
- - a missing directory
Are you using SMP features in your configuration?
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUmJ1EAAoJENxnfXtQ8ZQUlWwIAIuJhLOekHKMdp1/AyGpkFh0
bOb1Msurt7
in the OS.
If you can share the squid.conf file I can test it here on a test node
and see the results.
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUmKDBAAoJENxnfXtQ8ZQUNPYH/j6OPryCIlqqhnRKxuoyv26h
jbTbM2FQKLWkM6hw3AS6eTizJnJdpBhiOWIr2MIi9fZnXi5gIQwKaoP85qaTa5Ju
it is to the defaults http_port 3128.
Did you tried to remove squid.conf and run it using the default
squid.conf?
Eliezer
On 12/23/2014 12:57 AM, Derek Cole wrote:
visible_hostname BrowserAccess #acl localnet src 10.1.1.0/24 #
RFC1918 possible internal network #acl localnet src 10.22.0.0/23
acl all src 0.0.0.0
with the RPMs.
Eliezer
On 12/23/2014 05:54 AM, Alexander Samad wrote:
Hi
Just found this repo from the wiki
http://www1.ngtech.co.il/rpm/centos/6/$basearch
Wondering what if any downsides there are to using the lastest on
6.x ?
Alex
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
and 3.5.0.4
Good Luck Guys and wish this bugs will solved as soon as possible
and thanks for you response and interest
Can you share your squid.conf?
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUmhecAAoJENxnfXtQ8ZQUwNoH/0hSIsz+akzVxysN3gSjoy/G
squid is a basic squid.conf after compilation without any
changes.
https_port is a more complex setup.
To understand the complexity of the feature you can start here:
http://wiki.squid-cache.org/Features/SslBump
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
it in steps by first using a proxy with ram only cache while later
adding the disk cache to make sure the machine can hold the basic
environment loads.
Eliezer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAEBAgAGBQJUnwV1AAoJENxnfXtQ8ZQU7+kIAJoKcCbkRdgndSTsZiHyYMY8
.
I have tested glusterfs as a backend for a hypervisor and a local SSD
drive was faster.
Do you have anything you think about Omid? if you have a scenario in
hand I would like hear about it.
Eliezer
On 03/02/2015 14:45, Omid Kosari wrote:
@Eliezer , Any benchmark ?
This topic is very
Hey Steve,
On what OS are you running squid? is it self compiled one?
Eliezer
On 02/02/2015 14:09, Steve Hill wrote:
I'm pretty sure this is incorrect - I'm running Squid 3.4 without
ssl_crtd, configured to bump server-first. The cert= parameter to the
http_port line points at a CA
Hey Stefano,
Can you get some access.log output from the time the issue appears\happens?
Eliezer
On 06/02/2015 15:01, Stefano Ansaloni wrote:
Tested with icap disabled: the issue still there.
___
squid-users mailing list
squid-users@lists.squid
squid.conf it would be my first try.
http://www.squid-cache.org/Doc/config/dns_v4_first/
Add dns_v4_first on to squid.conf.
Eliezer
On 03/02/2015 13:38, Rich549 wrote:
Except, I still have exactly the same issue of certain pages not loading.
Have I done this the wrong way? Should I have removed the old
in other prices(the OS costs about 220$).
RAM is important for storage solutions of any kind,type and OS!!!
For squid a NAS(NFS\CIFS) needs to be tested more before production
usage and a SAN is preferable.
Have you considered using a more recent version of squid? What OS are
you running?
Eliezer
and
there for will not provide and cannot provide what you need\want.
Eliezer
On 03/02/2015 22:41, Anton Radkevich wrote:
Hey Eliezer,
Thank you for your explanation, just want to clarify.
Does it mean that if I configure squid to listen https_port on port 3129
with ssl certificate, connection from
certificates and pin IP addresses to the certificates.
All The Bests,
Eliezer
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
On 21/01/2015 11:21, Steve Hill wrote:
but not using ssl_crtd
What are using if not ssl_crtd?
Eliezer
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
Hey Christopher,
The email looks a bit messy and so I and I assume others couldn't
understand it.
You can paste the config file content at:
http://pastie.org/
And please first describe the issue and later add more technical data
such as config and dumps.
All The Bests,
Eliezer
On 17/01
On 19/01/2015 15:56, HackXBack wrote:
after upgrading to 3.5.1 i have bug
BUG 3279: HTTP reply without Date
how to solve it ??
To make sure I understand the issue:
Is it crashing squid? or just shows a warning in the logs?
Thanks,
Eliezer
of firewalls:
https://www.freebsd.org/doc/handbook/firewalls.html
I was just recently testing couple things with FBSD firewalls and I am
curios on how would the firewall(pf,ipfw,others...) rules look like for
tproxy and intercept.
Thanks,
Eliezer
And Anna if you have some specific performance issues with nginx and
considering the options feel free to contact me off-list aobut it.
All The Bests,
Eliezer
On 17/02/2015 16:58, Anna Jonna Armannsdottir wrote:
I spent the last weeks searching but I have not found anything that
seems to counter
Hey Yuri,
I would try first ps -aux just to find out if this is the right way to
use ps in solaris.
If it works show me the details first and we will see what to do next.
Eliezer
On 16/02/2015 18:37, Yuri Voinov wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yes.
root @ cthulhu
?
Eliezer
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
On 16/02/2015 21:10, Yuri Voinov wrote:
root @ cthulhu / # ps -e
Yuri,
Can you find the right ps command that will include user and memory
usage by each process?
Thanks,
Eliezer
___
squid-users mailing list
squid-users@lists.squid-cache.org
http
The Bests,
Eliezer
* Waiting for the ps output.
On 16/02/2015 18:55, Yuri Voinov wrote:
root @ cthulhu / # ps -aux
ps: unknown user x
Really, I don't understand subject of discussion.
I think, will good to have possibility to autoclose idle Squid
redirectors after time specified. Regardless
?
Eliezer
On 16/02/2015 20:42, Yuri Voinov wrote:
root @ cthulhu / # ps -efl|grep squidGuard|grep -v grep|awk {'print $2
$5'}
S 6475
Now you can see one squidGuard process. Squid was restarted hour ago.
Process is idle (no traffic now), but this is as desired by config. As
you can see, it state
which will put the client IP
address in a LOGIN mode and then it will allow the client access to the
internet based on the client IP address.
All The Bests,
Eliezer
On 17/02/2015 12:21, snakeeyes wrote:
Any suggestion ? or even is it possible ?
Not I have ACLS and authentication @ squid
the issue I will
gladly be more then happy to try and understand the issue in hands.
I am pretty sure that the command top -n1 -b should work in any unix
system I have seen until today.
Do you have access to this squid machine cache manager interface?
Eliezer
On 12/02/2015 20:01, Yuri Voinov
://filter:3128/squid-internal-mgr/redirector;
(using the visible_hostname and the forward proxy port of squid)
All The Bests,
Eliezer
On 16/02/2015 21:56, Yuri Voinov wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Now:
2015/02/16 23:10:23 kid1| store_swap_size = 29826351.50 KB
2015/02/16 23
On 16/02/2015 15:23, Yuri Voinov wrote:
http://i58.tinypic.com/rsqwxh.png
0 shutting down. Always.
During nights and weekends.
Are you talking about these 10? I am unsure I understand the issue
yet..(I need to understand a bit more), is this the situation which
stays forever?
Eliezer
.
It is not very smart to just spread the traffic from different IPs since
there is an application level issues that you and your users might
encounter while operating this logic.
Eliezer
On 17/02/2015 01:51, snakeeyes wrote:
Hi , a
All I need I need to load balance my request as I can
So ,
I want if I go
/index.cgi
While referring to this thread.
If you are up for the task then maybe you would be able to provide some
more information based on the wiki:
http://wiki.squid-cache.org/SquidFaq/BugReporting
Thanks,
Eliezer
On 20/02/2015 06:06, Dan Charlesworth wrote:
Thanks Eliezer …
We've only ever used
will prove that humans can look at the same picture and
see many different things.
Eliezer
* I am almost sure that you may use a fake acl that will match all
requests instead of using an external_acl helper that will help you to
select the 100MB limit.
On 20/02/2015 05:34, Dan Charlesworth wrote
any information regarding FBSD 10.
Any directions? I assume that the wiki applies to 10.1 also?
Thanks,
Eliezer
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
some external_acl helpers it's
pretty simple to connect squid and an external authentication system.
Here the answer turns the tables and makes it possible to authenticate
even in intercept and tproxy mode but not at the same way many might
think of.
All The Bests,
Eliezer
On 18/02/2015 04:04
package_file_name.rpm.
Take your time to peek at the wiki page:
http://wiki.squid-cache.org/KnowledgeBase/CentOS
All The Bests,
Eliezer
On 25/01/2015 02:52, Daniel Greenwald wrote:
Eliezer- I have installed the squid 3.5 on centos 7 from your repo, the
version is:
squid-3.5.0.4-1.el6.x86_64
Hey Dan,
Just to get around the environment, can you share your
squid.conf?(censuring confidential data)
Thanks,
Eliezer
On 02/02/2015 01:14, Dan Charlesworth wrote:
Bumping this one for the new year 'cause I still don't understand squid
traces and because it's still happening with v3.4.11
Hey Raju,
For how many users?
Eliezer
On 02/02/2015 06:27, Raju M K wrote:
Need squid Authentication syntax for local users in Windows 7/8 workgroup
Presently using squid 2.7 stable 8
-- Regards, M K Raju.
___
squid-users mailing list
squid-users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/05/2015 05:18 PM, Yuri Voinov wrote:
We haven't filtering non_HTTP over port-443. Just recognize and
pass.
So let's separate security which is one of the goals of squid and
which some like and other don't.
For now squid 3.4 is stable and 3.5
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey Steve,
Can you share the squid -v output and the OS you are using?
Eliezer
On 01/05/2015 06:29 PM, Steve Hill wrote:
On 10.12.14 17:09, Amos Jeffries wrote:
I'm looking for advice on figuring out what is causing
intermittent high CPU usage
Can you try to use openssl s_client?
an exapmple:
openssl s_client -connect facebook.com:443
Eliezer
On 12/01/2015 11:41, HackXBack wrote:
hello,
according to this chapter
http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate
i bought signed certificate
but no one
1 - 100 of 1076 matches
Mail list logo