[squid-users] squid crash on restart

Hi running rpm -qa squid squid-3.5.14-1.el6.x86_64 doing a restart saw this 2016/03/10 14:36:28 kid1| Squid Cache (Version 3.5.14): Exiting normally. FATAL: Received Segment Violation...dying. 2016/03/10 14:36:28 kid1| storeDirWriteCleanLogs: Starting... in cache.log and message log Mar 10

Re: [squid-users] question about ssl_bump

On 10 March 2016 at 14:17, Alex Rousskov wrote: >> >> I am not sure how haveServerName is constructed > > It is up to the Squid admin. Thanks for the replay to the other stuff I'm the squid admin. I am presuming maybe wrongly that this is test to see if squid

[squid-users] question about ssl_bump

from http://wiki.squid-cache.org/Features/SslPeekAndSplice # Better safe than sorry: # Terminate all strange connections. ssl_bump splice serverIsBank ssl_bump bump haveServerName ssl_bump peek all ssl_bump terminate all I am not sure how haveServerName is constructed I read this as 1) splice

Re: [squid-users] Youtube "challenges"

Sounds like a controlled at home environment why not implement ssl bump ? On 24 February 2016 at 00:40, Chris Horry wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > > On 2/23/2016 08:39, Antony Stone wrote: >> On Tuesday 23 February 2016 at 13:57:52, Chris Horry

Re: [squid-users] ssl-bump

! testIP ssl_bump splice NoBump ssl_bump bump haveServerName ssl_bump peek all ssl_bump splice all On 9 February 2016 at 10:52, Alex Samad <a...@samad.com.au> wrote: > Hi > > Starting to look at ssl-bump found > http://wiki.squid-cache.org/Features/SslPeekAndSplice > http:/

Re: [squid-users] ssl-bump

Hi Got this working. wondering what the benefits are, wandering around google, you tube, facebook not seeing much cache. Atleast I can pass downloads through clamav... Are other people seeing caching of these sites ?? On 9 February 2016 at 11:09, Alex Samad <a...@samad.com.au> wrote:

[squid-users] ACL help

HI Back to my Windows update issues :) 1454566851.333 63 10.172.208.208 TCP_MISS/206 6520 GET http://wsus.ds.download.windowsupdate.com/d/msdownload/update/software/secu/2015/11/windows6.1-kb3109103-x64_66e00af753e3faae5d558534711af7dc29a9160d.psf - HIER_DIRECT/203.213.73.25

Re: [squid-users] MS update woes

ain -i "/etc/squid/lists/delayDom.lst" delay_access 1 deny DMZSRV delay_access 1 allow Delay_Domain " On 25 January 2016 at 12:09, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 25/01/2016 11:20 a.m., Alex Samad wrote: >> Hi >> >> Seems like I gettin

Re: [squid-users] MS update woes

wsupdate.com/c/msdownload/update/software/secu/2015/12/ie11-windows6.1-kb3124275-x86_da23592568a57c26665a23d23d888428d831d739.psf - HIER_NONE/- application/octet-stream # ## any comments welcome Thanks On 20 January 2016 at 14:27, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 20/01/2016 1:5

Re: [squid-users] MS update woes

t|zip)[^?]" On 19 January 2016 at 17:15, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 19/01/2016 7:11 p.m., Alex Samad wrote: >> Hi >> >> Think I answered my own on this >> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 >> >> >> Does t

[squid-users] delay pools

Hi Is it possible to implement delay pools such that if file is less than 10M then allow 60Mb/s else allow 20Mb/s fi is that possible the aim is to allow a higher through put for smaller files, but to limit bigger / longer connections Alex ___

Re: [squid-users] MS update woes

On 19 January 2016 at 16:59, Amos Jeffries wrote: > > Hmm. Are you using the exact same HTTP headers as WU tools on the other > machines do to prefetch the URL into the cache ? I have a script that checks the squid logs and then does a download of the files through the

Re: [squid-users] MS update woes

On 19 January 2016 at 16:59, Amos Jeffries wrote: >> refresh_pattern -i >> microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% >> 129600 reload-into-ims >> refresh_pattern -i >> windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 >> 80%

Re: [squid-users] MS update woes

Hi Think I answered my own on this refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 Does the last refresh_pattern config win ? On 19 January 2016 at 17:08, Alex Samad <a...@samad.com.au> wrote: > On 19 January 2016 at 16:59, Amos Jeffries <squ...@treenet.co.nz> wrote: >>

[squid-users] MS update woes

Hi so I have this in place now This works well for delaying YAY # # Delay Pools # http://wiki.squid-cache.org/Features/DelayPools # http://www.serverwatch.com/tutorials/article.php/3357241/Reining-in-Bandwidth-With-Squid-Proxying.htm delay_pools 1 delay_class 1 1 # 10Mb/s fille rate , 20Mb/s

Re: [squid-users] MS Update

Hi On 11 January 2016 at 18:54, Amos Jeffries wrote: >> guessing I have to bump up the 200M max to 800mb. > > Maybe. But IMHO use the ACLs tat range_offset_limit can take. your suggesting to limit the offset limit to just the windows update sites > >> are the other values

[squid-users] MS Update

Hi I burnt up 172G of download in 24 hours with multi machines doing the download of the same file (MS SQL patch) I think I am running into the same issue So multiple machines are trying to do the download... Q) why don't they share the same download ! 1452459804.945 64052 10.172.208.108

[squid-users] Question about delay pools again

Hi Just wanted to confirm my understanding of delay pools and the ability to ratelimit inbound traffic. Today one of our W10 machines did it windows update .. New patch .. .MS SQL SP3 - 384M big patch So it contacts our squid proxy with then downloaded it from WSUS update ... which is geocached

[squid-users] monitoring

Hi Is there a way to see what is being downloaded by whom before it has finished. I had somebody doing a big download and I wanted to find it . only way I could do that was by stoping squid and checking the log file. is there another way of doing that ?

Re: [squid-users] Question about delay pools again

On 5 January 2016 at 12:40, Amos Jeffries wrote: > What the above does is not limit any particular user. But limits the > total server bandwidth to those domains (combined) to 10Mbps. It is a > good solution, but still has a few problems. > > WU will now be very slow,

Re: [squid-users] Question about delay pools again

ded On 5 January 2016 at 10:57, Alex Samad <a...@samad.com.au> wrote: > Hi > > Just wanted to confirm my understanding of delay pools and the ability > to ratelimit inbound traffic. > > Today one of our W10 machines did it windows update .. New patch .. > .MS SQL SP3 -

[squid-users] More cache peer confusion

from the logs # these 2 are from my laptop to alcdmz which then talks to gsdmz1, which responds with a 504 Jan 05 11:55:53 2016.808 0 alcdmz1.abc.com TCP_HIT/504 4800 GET http://wiki.squid-cache.org/wiki/squidtheme/js/niftyCorners.css - HIER_NONE/- text/html Jan 05 11:55:55 2016.332 0

Re: [squid-users] Error accessing the 403 page

On 2 January 2016 at 12:23, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 2016-01-02 13:19, Alex Samad wrote: >> >> On 2 January 2016 at 09:22, Amos Jeffries <squ...@treenet.co.nz> wrote: >>> >>> On 2016-01-01 23:28, Alex Samad wrote: >>>

Re: [squid-users] Error accessing the 403 page

On 2 January 2016 at 09:22, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 2016-01-01 23:28, Alex Samad wrote: >> >> Hi >> >> I installed 3.5.12 and when I try and get to a page that is blocked. I >> used to get an message page that said contact the admin

[squid-users] Error accessing the 403 page

Hi I installed 3.5.12 and when I try and get to a page that is blocked. I used to get an message page that said contact the admin person. trying to get to http://bcp.crwdcntrl.net/squid-internal-static/icons/SN.png This is part of the error generated The following error was encountered while

Re: [squid-users] squid reverse proxy and client certs

Hi Thanks I thought that might be the issue. could you point me to an example for requesting client certs for a directory Thanks Alex On 30 December 2015 at 21:56, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > On 30.12.15 15:11, Alex Samad wrote: >> >> I have

[squid-users] squid reverse proxy and client certs

Hi I have squid 3.5.12 working as a reverse proxy cache_peer 127.0.0.1 \ parent 443 0 proxy-only no-query no-digest originserver \ login=PASS \ ssl \ sslcafile=/etc/pki/tls/certs/ca-bundle.crt \ sslflags=DONT_VERIFY_PEER \ name=webServer This points to httpd which has a

Re: [squid-users] [squid-announce] Squid 3.5.12 is available

Hi Do you provide the source rpms for RHEL/Centos A On 28 December 2015 at 23:35, Eliezer Croitoru wrote: > I took the time to build and test a RPM for OpenSUSE leap 42.1 at: > http://ngtech.co.il/repo/opensuse/leap/x86_64/squid-3.5.12-1.0.x86_64.rpm > > SRPM at: >

Re: [squid-users] squid cache peer issues

Hi seems like .12 is now available for me. I will apply and retest. is there anything you would like me to do if I see it again ? A On 21 December 2015 at 21:26, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 21/12/2015 2:00 p.m., Alex Samad wrote: >> Hi >> >

[squid-users] squid cache peer issues

Hi running on centos 6.7 3.5.12 still not available on centos 6. rpm -qa | grep squid squid-helpers-3.5.11-1.el6.x86_64 squid-3.5.11-1.el6.x86_64 This is the 2 cache_peer statements I use # on alcdmz1 cache_peer gsdmz1.yieldbroker.com sibling 3128 4827 proxy-only htcp no-query standby=10

Re: [squid-users] reverse proxy setup

<squ...@treenet.co.nz> wrote: > On 11/12/2015 4:52 p.m., Alex Samad wrote: >> Hi >> >> >> Is there any way to remove these from the log >> >> kid1| Error negotiating SSL connection on FD 38: error:140760FC:SSL >> rou

Re: [squid-users] squid reverse proxy infront of exchange 2010

trying to build one. A On 11/12/2015 4:32 AM, "Eliezer Croitoru" <elie...@ngtech.co.il> wrote: > On 09/12/2015 12:49, Alex Samad wrote: > >> Hi >> >> Can't seem to find 3.5.12 for centos pre compiled at >> http://www1.ngtech.co.il/repo/centos/6/x86_64/

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi Answer my own question http://www.squid-cache.org/Versions/v3/3.5/cfgman/http_port.html seems like there is a no-vhost, I presume vhost turns it on On 11 December 2015 at 09:23, Alex Samad <a...@samad.com.au> wrote: > Hi > > > On 10 December 2015 at 23:44, dweimer &l

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi On 10 December 2015 at 23:44, dweimer wrote: > https_port 10.50.20.12:443 accel defaultsite=mail.mydomain.com \ > cert=/certs/wildcard.certificate.crt \ > key=/certs/wildcard.certificate.key \ > options=NO_SSLv2:NO_SSLv3:NO_TLSv1:SINGLE_DH_USE:CIPHER_SERVER_PREFERENCE

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi So I have taken this config done some slight customization for my site and it appears to be working Thanks for this .. On 10 December 2015 at 23:44, dweimer <dwei...@dweimer.net> wrote: > On 2015-12-09 11:29 pm, Alex Samad wrote: >> >> Hi >> >> config >>

[squid-users] reverse proxy setup

Hi Is there any way to remove these from the log kid1| Error negotiating SSL connection on FD 38: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol (1/-1) this is the corrosponding squid config options=NO_SSLv2:NO_SSLv3:NO_TLSv1:SINGLE_DH_USE:CIPHER_SERVER_PREFERENCE Not I

Re: [squid-users] squid reverse proxy infront of exchange 2010

5-12-10 4:24 pm, Alex Samad wrote: >> >> Hi >> >> Answer my own question >> http://www.squid-cache.org/Versions/v3/3.5/cfgman/http_port.html >> >> seems like there is a no-vhost, I presume vhost turns it on >> >> >> On 11 Dec

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi Can't seem to find 3.5.12 for centos pre compiled at http://www1.ngtech.co.il/repo/centos/6/x86_64/ On 8 December 2015 at 19:34, Amos Jeffries wrote: > * try an upgrade to 3.5.12. There were some regressions in the .10/.11 > releases that can lead to really weird

Re: [squid-users] squid reverse proxy infront of exchange 2010

, not with 3.5 .. still on .11 as I can't find centos 6 compile of .12 I think there is some issue with rpc sending or receiving .. On 8 December 2015 at 19:34, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 8/12/2015 7:35 p.m., Alex Samad wrote: >> Hi >> >> Any

Re: [squid-users] squid auth

; On 8/12/2015 7:44 p.m., Alex Samad wrote: >> Hi >> >> Currently using 3.1 (from centos 6) >> I have setup squid to auth against MS AD >> >> I have >> # ### >> # Negotiate >> # ### >> >> # http://wiki.squid-

Re: [squid-users] squid auth

reset the password of the AD > account and thereby invalidate the extracted keytab. > > Markus > > > "Alex Samad" wrote in message > news:CAJ+Q1PW9Ue4zdT9GCt-4MjW=UjDWyBOPc4AFrcjG=qfnewm...@mail.gmail.com... > > > Hi > > So what your saying is I should i

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi Any suggestions on how to debug this... I wouldn't mind rolling forward to 3.5 again On 2 December 2015 at 20:39, Alex Samad <a...@samad.com.au> wrote: > Just to add to this I have a lot of these in the log file > > TCP_MISS_ABORTED/000 0 RPC_IN_DATA > TCP_MISS_ABORTED/200

[squid-users] chrome proxy issue

Hi https://code.google.com/p/chromium/issues/detail?id=544255 Not a squid issue, but might stop people wasting time debugging squid A ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] rollback squid

Discard you mean delete .. the cache directories if so I currently have 3 directories, is this an opportunity to consolidate down to 1 directory is that better ? On 3 December 2015 at 03:03, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 3/12/2015 12:30 a.m., Alex Samad wrote: >

Re: [squid-users] setting up cache peering

Hi Thanks I will do when I get back to 3.5. Had to roll back because of my issues with 3.5 and reverse proxy and outlook. Are these suggestions still valid with 3.1 ? Thanks On 3 December 2015 at 03:22, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 2/12/2015 6:50 p.m., Alex Sa

Re: [squid-users] rollback squid

:) Okay done is a VM on a single VMDK.. 10G nics (virtual and physical) On 3 December 2015 at 14:27, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 3/12/2015 9:18 a.m., Alex Samad wrote: >> Discard you mean delete .. the cache directories >> > > Yes, an

[squid-users] setting up cache peering

Hi I recently moved to squid-3.5.11-1.el6.x86_64 on centos 6.7. from the centos 3.1 i think ? This what I had originall #cache_peer gsdmz1.xy.com sibling 3128 3130 proxy-only #cache_peer alcdmz1.xy.com sibling 3128 3130 proxy-only I had a shared config between the 2 server gsdmz1 and alcdmz1.

Re: [squid-users] issue with start / stop scripts

a check first on shutdown ?? A On 29 November 2015 at 09:14, Eliezer Croitoru <elie...@ngtech.co.il> wrote: > What script are you using? > If it's from my RPMs I might be able to patch it and make sure it will work > better. > > Eliezer > > On 27/11/2015 08:09, Alex Sa

Re: [squid-users] issue with start / stop scripts

parallel: > - the pid exists or not > - the process exists or not(using "ps aux|grep squid") > - check if the port in netstat is still in listening mode. > > Hope it helps, > Eliezer > > > On 29/11/2015 00:21, Alex Samad wrote: >> >> Hi >> &g

Re: [squid-users] centos 6 install

On 27 November 2015 at 17:56, Amos Jeffries wrote: >> Hi >> >> it was in the bottom of the previous mail, thats a copy of the log >> starting from the start up > > Exactly. The new install of Squid is a newer version. With a new format > of cache storage, updated data

Re: [squid-users] centos 6 install

1-1.el6.x86_64.rpm > 517a912a094501f226e715637e94bb63 squid-3.5.11-1.el6.x86_64.rpm > The checksums are at: > http://www1.ngtech.co.il/repo/centos/6/x86_64/squid-3.5.11-1.el6.x86_64.rpm.asc > > Eliezer > > > On 27/11/2015 01:00, Alex Samad wrote: >> >> Hi >> >

Re: [squid-users] centos 6 install

malformed cache entry. 2015/11/27 11:04:26 kid1| Done scanning /var/spool/squid dir (153502 entries) 2015/11/27 11:04:44 kid1| WARNING: Ignoring malformed cache entry. 2015/11/27 11:06:15 kid1| WARNING: Ignoring malformed cache entry. 20 On 27 November 2015 at 10:55, Alex Samad <a...@samad.com.au>

[squid-users] centos 6 install

Hi I am trying to upgrade from the centos squid to the squid one rpm -qa | grep squid squid-3.1.23-9.el6.x86_64 rpm -Uvh squid-3.5.11-1.el6.x86_64.rpm getting this error error: unpacking of archive failed on file /usr/share/squid/errors/zh-cn: cpio: rename failed - Is a directory ls -l

[squid-users] delay pools question

HI I have had a look at http://wiki.squid-cache.org/Features/DelayPools Wondering if somebody can maybe explain how it rate limits downloads. So I can understand it would be able to limit proxy to client traffic as squid is the sender and can limit how it sends. But if I want to limit speed

Re: [squid-users] config Q

On 24 October 2015 at 15:01, Amos Jeffries wrote: > Set the cache_peer sslcafile= option with the PEM file containing the CA > that was used to sign the office.abc.com server certificate. Do i need to do that if the signing CA is part of the OS root bundle ?

[squid-users] config Q

Hi I have squid on centos 6. the version that comes with it unfortunately. I have configured it to be a reverse proxy to our exchange box. so it answers on office.abc.com now I have 2 cache peers setup 10.1.1.1. the exchange box << all the predefined URIs go here 127.0.0.1 443 the rest go

Re: [squid-users] NTLM Authentication Failing

Would it be fair to say best practice is to get kerbose working in favour of ntlm ? On 21/10/2015 3:18 PM, "Amos Jeffries" wrote: > On 2015-10-21 15:38, Ilias Clifton wrote: > >> >>> On 20/10/2015 4:04 p.m., Ilias Clifton wrote: >>> > Hi All, >>> > I've been following the

Re: [squid-users] winbind interface

basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours On 2 September 2015 at 11:15, Amos Jeffries <squ...@treenet.co.nz> wrote: > On 2/09/2015 11:50 a.m., Alex Samad wrote: >> Hi >> >> I have squid setup to use

[squid-users] winbind interface

Hi I have squid setup to use NTLM and then faill back to basic. when it fails back to basic, my user put in firstname.surname@a.b.c which fails. if they put in firstname.surname it works is there some way to get squid to strip off the @<.*> also is there some way to change the info in the

[squid-users] caching question

Hi I want to get squid to not cache urls that terminate like this updates/x86_64/repodata/repomd.xml os/x86_64/repodata/repomd.xml How do I organize that. Having problems with old repmod.xml files making my yum updates fail.. Alex ___ squid-users

Re: [squid-users] caching question

A On 26 August 2015 at 11:56, Alex Samad a...@samad.com.au wrote: Hi I want to get squid to not cache urls that terminate like this updates/x86_64/repodata/repomd.xml os/x86_64/repodata/repomd.xml How do I organize that. Having problems with old repmod.xml files making my yum updates fail

Re: [squid-users] caching question

Hi Sorry, answered my own question. acl nonCacheURL urlpath_regex .*/x86_64/repodata/repomd.xml$ cache deny nonCacheURL seems like makes it look for a file ? On 26 August 2015 at 11:59, Alex Samad a...@samad.com.au wrote: Hi Sorry add more info I have this already in my squid.conf acl

Re: [squid-users] Squid 3.5.5 CentOS RPMs release

Thanks On 29 June 2015 at 00:59, Eliezer Croitoru elie...@ngtech.co.il wrote: Hey list, I have created the new RPM's for CentOS 6 and 7 while not mentioning I also created the package for OracleLinux.(which was very annoy to find out that the download file from Oracle was not matching an ISO

Re: [squid-users] Mikrotik and Squid Transparent

Hi Thought I would re word what i got from this, see if I understood. If squid and router (default gateway) are on the same box then DNAT to the SQUID listening port and local ip (Can you use localhost suppose it doesn't matter) else router the packet to the SQUID box (if possible) DNAT on the

Re: [squid-users] Mikrotik and Squid Transparent

On 27 June 2015 at 16:33, Amos Jeffries squ...@treenet.co.nz wrote: On 27/06/2015 10:02 a.m., Alex Samad wrote: Hi Sorry missing something here. I thought this was a mikrotek rtr , presumably acting as a default gateway for the local lan to the internet. it has a DNAT rule to capture all

Re: [squid-users] Mikrotik and Squid Transparent

there be a DoS for SQUID on another box, the only resources I can think of is the NAT table, maybe conntrack Alex On 26 June 2015 at 22:49, Amos Jeffries squ...@treenet.co.nz wrote: On 27/06/2015 12:14 a.m., Alex Samad wrote: aren't squid and nat box different ? that was my presumption.. Best

Re: [squid-users] Mikrotik and Squid Transparent

aren't squid and nat box different ? that was my presumption.. On 25 June 2015 at 19:07, Amos Jeffries squ...@treenet.co.nz wrote: On 25/06/2015 12:45 p.m., Alex Samad wrote: Hi why this, doesn't this block all traffic getting to the squid port. iptables -t mangle -A PREROUTING -p tcp

Re: [squid-users] Mikrotik and Squid Transparent

Hi why this, doesn't this block all traffic getting to the squid port. iptables -t mangle -A PREROUTING -p tcp --dport $SQUIDPORT -j DROP what I would do to test is run tcpdump on the squid box and capture all traffic coming to it on the squid listening port, then go to a test machine on the

Re: [squid-users] Memory usage question

Hi UFS or AUFS ? guessing aufs Any suggestions on the L1 L2 values, defaults ? On 21 June 2015 at 11:57, Amos Jeffries squ...@treenet.co.nz wrote: On 20/06/2015 9:08 p.m., Alex Samad wrote: Hi Are there any gotchas i need to look out for. Also I have allocated a 1T lun to the VM. Whats

Re: [squid-users] Memory usage question

of re downloading them On 19 June 2015 at 21:16, Eliezer Croitoru elie...@ngtech.co.il wrote: First goes first... Upgrade to 3.5 or 3.4 branch. Then try to use top or htop to get a snapshot of the virtual memory and resident memory that squid uses. Eliezer On 19/06/2015 13:19, Alex Samad

Re: [squid-users] High-availability and load-balancing between N squid servers

Hi I run 2 squid boxes, and I use pacemaker to float 2 VIP's between the 2 boxes. Basically I just run squid on both and I create a VIP resource that test if squid is running to allocate the VIP. But this doesn't really give you load balancing. but very good resilience. Pacemaker and Linux

[squid-users] netflix

Hi I remember seeing some rules for caching microsoft updates. Is there anything special to cache netflix ? Alex ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

[squid-users] https_port question

Hi Looking at http://www.squid-cache.org/Doc/config/https_port/ I am trying to work out where I place intermediary CA certs. I am setting up a reverse proxy setup, trying to terminate the SSL here. cert= points to SSL certificate PEM file, this seems to be a public and private combo file. can

[squid-users] bandwidth limiting

Hi is there any way to limit the bandwidth squid uses to pull stuff from the internet ? Can it slow down request, delay acks or ?? A ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

[squid-users] tcp_outgoing_address

Hi I have squid-3.5.2-2.el6.x86_64 on centos 6.6 I am trying to direct certain destinations from certain ip addresses acl viaTest dstdomain .abc.com tcp_outgoing_address 192.168.11.11 viaTEst This works well for www.abc.com and test.abc.com when they resolve to ipv4 addresses but when they

Re: [squid-users] State of www1.ngtech.co.il

What I found, was I couldn't yum install . yum update but I would directly download the rpm with wget (with out a proxy as well !). strange ! On 9 April 2015 at 16:47, Henri Wahl h.w...@ifw-dresden.de wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi list, does anybody know what is

Re: [squid-users] help setting up hierarchy

[snip] Config questions 1) how to I get user authentication to flow through if a user requests from squid-a and it takes it from squid-b. I would like the user id's logged on both if a user requests from new squid to either squid-a or squid-b. I would like the auth (which would be done

[squid-users] help setting up hierarchy

Hi I have 2 squid boxes that exist in my 2 DC. They are on the same vlan/ ip network and i use dns round robin cache_peer other sibling 3128 3130 proxy-only in addition to this I added in # ICP ALLOW acl icp_allowed src 10.3.2.1/32 the ip of the other squid box to allow icp http_access

Re: [squid-users] Interesting problem

me (Alex)? forward proxy ? On 27 February 2015 at 05:18, Eliezer Croitoru elie...@ngtech.co.il wrote: On 25/02/2015 06:18, Alex Samad wrote: Hi I am running squid on Centos 6.5 squid-3.1.10-29.el6.x86_64 Hey Mike, Can you share your squid.conf? It's unreal that you will have

[squid-users] Interesting problem

Hi I am running squid on Centos 6.5 squid-3.1.10-29.el6.x86_64 when I browse to https://www.quadriserv.com from IE or Chrome via the squid proxy, it seems to corrupt the server cert. when i browse to the site by passing squid it works fine. I have tried wget from the squid box works fine also