__
squid-users mailing list
mailto:squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
mailto:squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/sq
Thank Alex
This will fix the issue!
Le 31/01/2024 à 17:43, Alex Rousskov a écrit :
On 2024-01-31 09:23, David Touzeau wrote:
Hi %note is used by our external_acls and for log other tokens
And we use also Group as token.
it can disabled by direcly removing source kerberos code before
way to remove these entries from the log ?
I think you should correct logformat directive in your squid
configuration to disable annotations logging (%note):
http://www.squid-cache.org/Doc/config/logformat/
Kind regards,
Ankor.
ср, 31 янв. 2024 г. в 15:51, David Touzeau :
Anyway to rem
", "S", $sid_rev, ($id1<<32)+$id2, @ids);
print "$sid_string\n";
вт, 30 янв. 2024 г. в 18:49, David Touzeau :
Hi when using Kerberos with Squid when in access log a long Group
tags:
I would like to know how to disable Squid to grab groups suring
authe
BIB%0D%0Aaccessrule:%20final_allow%0D%0Afirst:%20ERROR%0D%0Awebfilter:%20pass%0D%0Aexterr:%20invalid_code_431%0D%0A
ua="-" exterr="-|-"|
--
David Touzeau - Artica Tech France
Development team, level 3 support
--
P: +33 6 58 44 69 46
www:https:
8:50| WARNING: (B) '64.34.72.232' is a subnetwork of
(A) '64.34.72.232'
According to all warning, Squid won't start with this error
*2023/10/02 20:20:09| FATAL: assertion failed: debug.cc:606:
"earlyMessages->size() < 1000"**
**Aborted*
How to avoid this ??
--
David Touzeau - Arti
72.232'
According to all warning, Squid won't start with this error
*2023/10/02 20:20:09| FATAL: assertion failed: debug.cc:606:
"earlyMessages->size() < 1000"**
**Aborted*
How to avoid this ??
--
David Touzeau - Artica Tech France
Development team, level 3 support
-
to
patch the squid sources.
In that case, just remove the debugs() statement in lines 200-203
of file src/helper/Reply.cc .
On Mon, Aug 28, 2023 at 9:52 PM David Touzeau
wrote:
Thanks You
As these changes affect many things for us ( use tags for
.
regards
On 28/08/2023 22:46, Francesco Chemolli wrote:
Hi David,
you should use
itchart_=PASS
The trailing underscore signals Squid that this is a custom header.
On Mon, Aug 28, 2023 at 3:54 PM David Touzeau
wrote:
Hi
Since 6.2 ( aka migrating from 5.8 )
Squid claim about
advice: If this is a custom annotation, rename it to add a trailing
underscore: itchart_
current master transaction: master278
Did the helper instead of "itchart=PASS" must send
"itchart_=PASS"
or
"itchart_PASS"
?
--
David Touzeau - Artica Tech
l
disable all "deny" rules.
I'm wrong ?
On 24/04/2023 11:22, Amos Jeffries wrote:
On 24/04/2023 11:33 am, David Touzeau wrote:
We have a "problem" with ACLs, and I don't know how to address this
situation in Squid 5.8
Let me explain:
We have an Active Directory group na
We have a "problem" with ACLs, and I don't know how to address this
situation in Squid 5.8
Let me explain:
We have an Active Directory group named limited_users that is only
allowed to surf on a very limited list of websites.
These users are therefore forbidden to surf on all sites not listed
Thanks Amos for this clarification,
We also have the same needs and indeed, we face with the same approach.
It is possible that the structure of Squid could not, in some cases,
recovering this type of information.
Although the concept of a proxy is neither more nor less than a big
browser
Thanks Amos for this clarification,
We also have the same needs and indeed, we face with the same approach.
It is possible that the structure of Squid could not, in some cases,
recovering this type of information.
Although the concept of a proxy is neither more nor less than a big
browser
/uisproxy-rop@***.***.CORP
3 11/16/2022 11:30:50 host/uisproxy-rop@***.***.CORP
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
--
David Touzeau - Artica Tech France
Development team
over a LOT of things. All of which are outside of Squid's domain.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
--
David Touzeau - Artica Tech France
Development team, level
proxy-190.articatech.int
Via: 1.1 789aaa51-a1eb-eb48-639b-70877aed (squid)
Connection: close
Le 12/10/2022 à 20:00, Alex Rousskov a écrit :
On 10/12/22 12:45, David Touzeau wrote:
Hi
We using squid 5.7 after adding ssl-bump we have sometimes several
502 error with extended error ERR_READ_ERROR|W
Hi
We using squid 5.7 after adding ssl-bump we have sometimes several 502
error with extended error ERR_READ_ERROR|WITH_SERVER
1665589818.831 11 192.168.1.13 NONE_NONE/502 192616 OPTIONS
https://www2.deepl.com/jsonrpc?method=LMT_split_text - HIER_NONE/-:-
text/html
Hi
We have some experience on cluster configuration.
https://wiki.articatech.com/en/proxy-service/hacluster
As using Kubernetes for Squid and for 40K users is a very "risky adventure".
Squid requires a very high disk performance (I/O) which means both a
good hard disk drive and a decent
Hi Eric.
We had the same restrictions with the fast or slow ACLs.
Have you thought about creating a squid helper that calculates your needs?
So maybe you can get around this by using the acl "note" acl note xxx
xxx which turns your helper results (slow) into "fast".
Le 05/09/2022 à 14:56,
http://lists.squid-cache.org/listinfo/squid-users
--
Technical Support
*David Touzeau*
Orgerus, Yvelines, France
*Artica Tech*
P: +33 6 58 44 69 46
www: wiki.articatech.com <https://wiki.articatech.com>
www: articatech.net <http://articatech.net>
___
Hi Eliezer
if you want to do transparent mode without having to put squid squidboix
in front of your fortinet.
If you want to do transparent mode while your fortinet aggregates
several VLANs, the WCCP mode is necessary
So you can control everything through your fortigate
By the way,
g?
Thanks,
Eliezer
Eliezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email: ngtech1...@gmail.com
Web: https://ngtech.co.il/
My-Tube: https://tube.ngtech.co.il/
*From:*squid-users *On
Behalf Of *David Touzeau
*Sent:* Thursday, 23 June 2022 19:12
*To:* squid-users@lists.squid
testing to be done.
Le 23/06/2022 à 14:44, Alex Rousskov a écrit :
On 6/21/22 07:43, David Touzeau wrote:
We trying to using WCCP with Fortigate without success Squid version
5.5 always claim "Ignoring WCCPv2 message: truncated record"
What can be the cause ?
The most likely caus
Hi
We trying to using WCCP with Fortigate without success Squid version
5.5 always claim "Ignoring WCCPv2 message: truncated record"
What can be the cause ?
We have added a service ID 80 on fortigate
config system wccp
edit "80"
set router-id 10.10.50.1
set
al Support
*David Touzeau*
Orgerus, Yvelines, France
*Artica Tech*
P: +33 6 58 44 69 46
www: wiki.articatech.com <https://wiki.articatech.com>
www: articatech.net <http://articatech.net>
___
squid-users mailing list
squid-users@list
Hi
added exterr="%err_code|%err_detail" in logging and result return some
request with ERR_PROTOCOL_UNKNOWN|exception=18686e4e
1646498399.887 46 176.12.1.2 NONE_NONE/000 0 CONNECT 62.67.238.138:443 -
HIER_NONE/-:- exterr="ERR_PROTOCOL_UNKNOWN|exception=18686e4e"
What does
ed to
understand the scenario.
While you assume it’s a chimera I still believe it’s just a three
heads Kerberos which… was proved to exists… in the movies and in the
virtual world.
Eliezer
Eliezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email: ngtech1...@gmail.co
and what you can afford to invest in the development process
of each part of setup.
All The Bests,
Eliezer
Eliezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email: ngtech1...@gmail.com
*From:*squid-users *On
Behalf Of *David Touzeau
*Sent:* Friday, February 11, 2022 17:03
h kerberos authentication the user don't have to authenticate against
the proxy. The authentication is done in the background.
Mayb this link will help:
https://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos
On Thu, Feb 10, David Touzeau wrote:
Hi
What we are looking for is to retrieve a &q
P database.
This is to avoid any connection to an Active Directory
Maybe this is impossible
Le 10/02/2022 à 05:03, Amos Jeffries a écrit :
On 10/02/22 01:43, David Touzeau wrote:
Hi
I would like to sponsor the improvement of ntlm_fake_auth to support
new protocols
ntlm_* helpers are specific to NTLM auth
Hi
I would like to sponsor the improvement of ntlm_fake_auth to support new
protocols or go further produce a new negotiate_kerberos_auth_fake
Who should start the challenge?
regards___
squid-users mailing list
squid-users@lists.squid-cache.org
enough to demonstrate that a simple
threaded helper is much better then any PHP code that was not meant to
be running as a STDIN/OUT daemon/helper software.
All The Bests,
Eliezer
Eliezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email: ngtech1...@gmail.com
*From:*David Touzeau
iezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email: ngtech1...@gmail.com
*From:*squid-users *On
Behalf Of *David Touzeau
*Sent:* Friday, February 4, 2022 16:29
*To:* squid-users@lists.squid-cache.org
*Subject:* Re: [squid-users] external helper development
Elizer,
Thanks for all this
(stdin_thread)
while(RUNNING):
time.sleep(3)
print("Not RUNNING")
for thread in threads:
thread.join()
print("All threads stopped.")
## END
Eliezer
Eliezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email: ngtech1...@gmail.com
*From:*squid-users *On
Elizer,
Thanks for all this advice and indeed your arguments are valid between
opening a socket, sending data, receiving data and closing the socket
unlike direct access to a regex or a memory entry even if the
calculation has already been done.
But what surprises me the most is that we
Hi Elizer
You are right in a way but when squid loads multiple helpers, each
helper will use its own cache.
Using a shared "base" allows helpers to avoid having to compute a query
already found by another helper who already has the answer.
Concerning PHP what we find strange is that with our
Is adapted_http_access supporting url_rewrite_program ? It seems only
supports ecap/icap
Le 31/01/2022 à 03:52, Amos Jeffries a écrit :
On 31/01/22 13:20, David Touzeau wrote:
But it makes 2 connections to the squid for just stopping queries.
It seems not really optimized.
The joys
Hi
I have built my own squid url_rewrite_program
protocol requires answering with
# OK status=301|302 url=
Or
# OK rewrite-url="http://blablaba;
In my case, especially for trackers/ads i would like to say to browsers:
"Go away !" without need them to redirect.
Sure i can use these methods
Hi
We used Squid 5.2 and we see that security_file_certgen consume I/O
Is there any way to put the ssldb in memory without need to mount a tmpfs ?
regards
___
squid-users mailing list
squid-users@lists.squid-cache.org
Hi
Working like a charm !!!
Many thanks!!
Le 26/11/2021 à 17:43, Alex Rousskov a écrit :
On 11/25/21 4:46 PM, David Touzeau wrote:
We need to add %note added from external helper using a deny_info and
specific squid error page.
tried with %o or %m without success
Is there a token to build
Hi,
We need to add %note added from external helper using a deny_info and
specific squid error page.
tried with %o or %m without success
Is there a token to build an error page with an external acl helper output ?
Regards___
squid-users mailing
Hi
According to your documentation,
cache dir rock : objects larger than 32,000 bytes cannot be cached
if aufs cannot be implemented in SMP configuration how can we handle
larger files in cache ?
Le 23/11/2021 à 11:01, David Touzeau a écrit :
Ok thanks, we will investigate in this way
Le 22
Hi community,
tlu.dl.delivery.mp.microsoft.com is from the app store and it encounters
an issue with high bandwidth usage.
We think that it was caused because Squid filtering the HTTP Range
header from the HTTP requests.
This caused the app store download everything in an endless loop
We
Ok thanks, we will investigate in this way
Le 22/11/2021 à 19:33, Alex Rousskov a écrit :
On 11/22/21 12:48 PM, David Touzeau wrote:
Here our SMP configuration:
workers 2
cache_dir rock /home/squid/cache/rock 0 min-size=0 max-size=131072
slot-size=32000
if ${process_number} = 1
256
min-size=131072 max-size=3221225472
endif
if ${process_number} = 2
memory_cache_mode always
cpu_affinity_map process_numbers=${process_number} cores=2
endif
where is the false settings ?
Missing cache_dir ?
Le 22/11/2021 à 18:18, Alex Rousskov a écrit :
On 11/22/21 11:55 AM, David Touzeau
Hi, community
What does mean this error :
2021/11/21 17:23:06 kid1| assertion failed: Controller.cc:930:
"!transients || e.hasTransients()"
current master transaction: master69
We are unable to start the service it always crashes.
How can we can fix it ( purge cache , reboot )...
Hi,
For us it is Squid v4.17
Le 16/11/2021 à 17:40, Graminsta a écrit :
Hey folks ;)
What is the most stable squid version for production on Ubuntu 18 or 20?
Marcelo
___
squid-users mailing list
squid-users@lists.squid-cache.org
Any tips,
Is someone using Fake NTLM with modern browsers ?
Le 11/11/2021 à 13:16, David Touzeau a écrit :
Thanks Amos it will help understand something
I think modern browser sending NTLMv2 as the ntlm_fake_auth
understanding only NTLMv1 ( perhaps )
Using curl with --proxy-ntlm option
ies needed to see if the memory leak is
gone or not.
I run multiple Squid 5.2 servers on Debian 11 in production and do not
have any issues.
---
Best regards,
Enrico Heine
Am 2021-11-11 20:08, schrieb David Touzeau:
Hi
Just for information and i hope it will help.
We have installed Squid
Hi
Just for information and i hope it will help.
We have installed Squid 5.1 and Squid 5.2 in production mode.
It seems that after several days, the Squid become very unstable.
We mention that when switching to 4.x we did not encounter these errors
with the same configuration, same users, same
/11/21 14:12, David Touzeau wrote:
Hi,
i would like to use ntlm_fake_auth but it seems Squid refuse to
switch to authenticated user and return a 407 to the browser and
squid never accept credentials.
What i missing ?
Configuration seems simple:
auth_param ntlm program /lib/squid3
Hi,
i would like to use ntlm_fake_auth but it seems Squid refuse to switch
to authenticated user and return a 407 to the browser and squid never
accept credentials.
What i missing ?
Configuration seems simple:
auth_param ntlm program /lib/squid3/ntlm_fake_auth -v
auth_param ntlm children 20
the request.
Le 02/11/2021 à 16:17, Alex Rousskov a écrit :
On 11/2/21 10:40 AM, David Touzeau wrote:
2021/11/01 16:50:48.787 kid1| 93,3| Http::Tunneler::handleReadyRead(conn9812727
local=127.0.0.1:23408 remote=127.0.0.1:2320 FIRSTUP_PARENT)
2021/11/01 16:50:48.787 kid1| 74,5| parse: status
Hi,
Take time to enable the debug log an parsing the 10GB of logs
Here the piece of code:
2021/11/01 16:50:48.786 kid1| 33,5| AsyncCall.cc(30) AsyncCall: The
AsyncCall Server::clientWriteDone constructed, this=0x55849cb132b0
[call252226641]
2021/11/01 16:50:48.786 kid1| 5,5| Write.cc(37)
Hello Community,
We use child Squid proxies that connect to boxes that act as parents.
In version 4.x this configuration does not pose any problem.
In version 5.2, since, we have a lot of errors like :
01h 47mn kid1| TCP connection to 10.32.0.18/3150 failed
01h 47mn kid1| TCP connection to
Hi
Just to mention, we discover high memory usage too without ICAP and SSL bump
after several days, need to restart the service.
Le 08/10/2021 à 10:56, Steve Hill a écrit :
I'm seeing high memory usage on Squid 5.1. Caching is disabled, so
I'd expect memory usage to be fairly low (and it was
Thanks amos !!
I think auth_schemes can be a workaround.
I will try it !
Le 21/09/2021 à 02:49, Amos Jeffries a écrit :
On 21/09/21 11:49 am, David Touzeau wrote:
When edge, chrome and IE try to establish a session, Squid claim
2021/09/21 01:17:27 kid1| ERROR: Negotiate Authentication
It up, i'll document it and make and howto of it.
Greetz,
Louis
Van: squid-users [mailto:squid-users-boun...@lists.squid-cache.org]
Namens David Touzeau
Verzonden: dinsdag 21 september 2021 1:49
Aan: squid-users@lists.squid-cache.org
Hi all
i have setup Kerberos authentication with Windows 2019 domain using
Squid 5.1 ( The Squid version did not fix the issue - Tested 4.x and 5.x)
In some cases, some computers are not joined to the domain and ween need
to allow authenticate on Squid
To allow this, Basic Authentication is
Thanks, i will try in this way
Le 16/09/2021 à 21:03, Alex Rousskov a écrit :
On 9/16/21 2:52 PM, David Touzeau wrote:
It is true that it would be possible to use an external_acl in the
http_reply_access.
Do you think that adding it in this position I would be able to use
squid's resolution
that adding it in this position I would be able to use
squid's resolution results ?
Le 16/09/2021 à 19:43, Alex Rousskov a écrit :
On 9/16/21 1:30 PM, David Touzeau wrote:
I'm turning to create a DNS resolution dev and I'm giving up looking
retreive this information through Squid.
Please note
Amos,
Thank you for your response and kindness,
I'm turning to create a DNS resolution dev and I'm giving up looking
retreive this information through Squid.
Le 16/09/2021 à 19:13, Amos Jeffries a écrit :
On 17/09/21 2:42 am, David Touzeau wrote:
Thanks Amos for quick answer.
Can you take
:
On 16/09/21 10:09 pm, David Touzeau wrote:
Hi comunity, Squid fans
I would like to use an external acl process for Geoip processing
i have tried to setup squid to send the remote peer address using %code but it always reply with a "-"
external_acl_type MyGeopip ttl=3600 negativ
Hi comunity, Squid fans
I would like to use an external acl process for Geoip processing
i have tried to setup squid to send the remote peer address using %code but it always reply with a "-"
external_acl_type MyGeopip ttl=3600 negative_ttl=3600 children-startup=2
children-idle=2
0922
Tel (Intl) : +44 1305 898033
https://www.lubefinder.com
*From:* squid-users on
behalf of David Touzeau
*Sent:* Wednesday, September 15, 2021 11:40:04 AM
*To:* squid-users@lists.squid-cache.org
*Subject:* [squid
On Debian 10 64bits with squid 5.1 we have thousand warning as this:
2021/09/15 08:00:18 kid1| WARNING: no_suid: setuid(0): (1) Operation not
permitted
2021/09/15 08:00:18 kid2| WARNING: no_suid: setuid(0): (1) Operation not
permitted
2021/09/15 08:00:18 kid1| WARNING: no_suid: setuid(0): (1)
Basically syslogd can do what you want : send via TCP, HTTP, UDP
So the deal is to use
logformat my_metrics [statsd] %icap::tt %
Hi
Is there a way to configure Squid to output the logs to statsd rather
than a file?
Today I have this:
+logformat my_metrics %icap::tt %However I
ml
Many users says there is no impact on helpers and performance as it is
just a warning...
Did you confirm it ?
Le 28/02/2021 à 01:58, Alex Rousskov a écrit :
On 2/27/21 7:22 PM, David Touzeau wrote:
Hi, regulary i have this error :
2021/02/28 01:18:43 kid1| helperOpenSe
Hi, regulary i have this error :
2021/02/28 01:18:43 kid1| helperOpenServers: Starting 5/32
'security_file_certgen' processes
2021/02/28 01:18:43 kid1| WARNING: no_suid: setuid(0): (1) Operation not
permitted
i have set the setuid permission
chown root:squid security_file_certgen
chmod
/squid.pid'
'--with-swapdir=/var/cache/squid' 'build_alias=x86_64-linux-gnu'
Le 14/01/2021 à 05:43, Amos Jeffries a écrit :
On 14/01/21 3:17 am, David Touzeau wrote:
Hi
This error is generated every 15 minutes when using any authenticator
helper (ntlm, kerberos...)
Is there a way to investigate
Hi
This error is generated every 15 minutes when using any authenticator
helper (ntlm, kerberos...)
Is there a way to investigate on this issue ?
kidxx| WARNING: no_suid: setuid(0): (1) Operation not permitted
Sometimes, after rebooting the system, issue is fixed for an
undetermined
Support
Mobile: +972-5-28704261
Email: ngtech1...@gmail.com <mailto:ngtech1...@gmail.com>
Zoom: Coming soon
*From:*David Touzeau
*Sent:* Monday, January 4, 2021 3:25 PM
*To:* ngtech1...@gmail.com; squid-users@lists.squid-cache.org
*Subject:* Re: [squid-users] PCI Certification compliance
Eliezer Croitoru
Tech Support
Mobile: +972-5-28704261
Email: ngtech1...@gmail.com <mailto:ngtech1...@gmail.com>
Zoom: Coming soon
*From:*squid-users *On
Behalf Of *David Touzeau
*Sent:* Monday, January 4, 2021 10:23 AM
*To:* squid-users@lists.squid-cache.org
*Subject:* Re: [squid-user
Hi Eiezer,
I can help you by giving a list but
Just by using "main domains":
* Banking/transcations : 27 646 websites.
* AV sofwtare and updates sites (fw, routers...) : 133 295 websites
I can give it to you the lists , they are incomplete and it should
decrease squid performance by
Thanks Amos
You means using "login=PASS" in peer settings and in Proxy parent B and
C use the "basic_fake_auth" helper to "simulate" the requested auth ?
Le 17/11/2020 à 11:43, Amos Jeffries a écrit :
On 17/11/20 9:27 pm, David Touzeau wrote:
Hi,
W
Hi,
We a first Squid using Kerberos + Active Directory authentication.
This first squid is used to limit access using ACls and Active Directory
groups.
This first squid using parents as peer in order to access to internet in
this way:
| > SQUID B
When having several *_access http_access,reply_access...
In a stressed environment, it is difficult to hunt an issue or a wrong rule.
The debug mode is impossible because the proxy in production mode write too
many logs..
But if we can identify the rule and add pointer to the log, it is
Thanks for the answer details
How to be a sponsor ? ( cost ) of such feature
Could you think it can be planned for 5.x ?
I think it should be a "future" "standard" in the same way of DNS over SSL
Le 19/05/2020 à 16:46, Alex Rousskov a écrit :
On 18/05/20 10:15 am, David T
TestFinger
ssl_bump stare ssl_step2 all
ssl_bump bump all
But no luck, website still decrypted.
Le 13/05/2020 à 21:33, Alex Rousskov a écrit :
On 5/12/20 7:42 AM, David Touzeau wrote:
ssl_bump peek ssl_step1
ssl_bump splice TestFinger
ssl_bump stare ssl_step2 all
ssl_bump bump all
Seems TestFinger
Hi we want to use squid as * * * Secure Proxy * * * using https_port
We have tested major browsers and it seems working good.
To make it work, we need to deploy the proxy certificate on all browsers
to make the secure connection running.
In this case, squid forward requests without
Hi, i'm trying to play with acl "server_cert_fingerprint" for splicing
websites.
First, get the fingerprint :
openssl s_client -host www.clubic.com -port 443 2> /dev/null | openssl
x509 -fingerprint -noout
# Build the acl
acl TestFinger server_cert_fingerprint
Hi
Is Squid handle TCP Fast open on modern kernel ?
Has anyone tried to implement this directive and noticed a performance
improvement ?
Best regards.
___
squid-users mailing list
squid-users@lists.squid-cache.org
Le 15/04/2019 à 22:41, Alex Rousskov a écrit :
On 4/15/19 8:01 AM, David Touzeau wrote:
Is it possible, sometimes to better understand a bunch of ACLs to log
the last matches or a set of matched acls objects:
192.168.1.235 - - [15/Apr/2019:15:59:30 +0200] "GET
http://www.msftncsi.com/ncs
Le 02/04/2019 à 10:39, Amos Jeffries a écrit :
On 2/04/19 8:53 pm, L.P.H. van Belle wrote:
I suggest start compairing the logs you posted, the builds are really different.
Differences in
- kernel
- needed packages
- build paramaters due to missing or different packages.
Etc.
Just diff you
Hi
Is it possible, sometimes to better understand a bunch of ACLs to log
the last matches or a set of matched acls objects:
example
192.168.1.235 - - [15/Apr/2019:15:59:30 +0200] "GET
http://www.msftncsi.com/ncsi.txt HTTP/1.1" 200 211 "-" "curl/7.52.1"
TCP_MISS:HIER_DIRECT text/plain
Le 02/04/2019 à 18:06, Alex Rousskov a écrit :
On 4/2/19 1:23 AM, David Touzeau wrote:
Le 01/04/2019 à 23:22, Alex Rousskov a écrit :
Do your Squids use shared memory for the memory cache? See
memory_cache_shared (even if you do not set it explicitly).
http://www.squid-cache.org/Doc/config
Le 02/04/2019 à 07:43, L A Walsh a écrit :
On 4/1/2019 2:17 AM, David Touzeau wrote:
We have recompiled same squid version on 2 systems
https://github.com/dtouzeau/1.6.x/blob/Tempfiles/centos7-config.log?raw=true
---
Result was CentOS 44
Le 01/04/2019 à 23:22, Alex Rousskov a écrit :
On 4/1/19 3:17 AM, David Touzeau wrote:
On 30.03.19 10:22, David Touzeau wrote:
* Debian 9 net install + Squid compiled
* CentOS 7 minimal + Squid compiled
Same version, same compilation parameters, same Squid settings.
It seems that Squid
Le 01/04/2019 à 00:23, David Touzeau a écrit :
Le 31/03/2019 à 05:50, Amos Jeffries a écrit :
On 31/03/19 3:41 am, David Touzeau wrote:
On 30.03.19 10:22, David Touzeau wrote:
Did you have perform squid stress on Debian against CentOS ?
I have installed:
* Debian 9 net install + Squid
Le 31/03/2019 à 05:50, Amos Jeffries a écrit :
On 31/03/19 3:41 am, David Touzeau wrote:
On 30.03.19 10:22, David Touzeau wrote:
Did you have perform squid stress on Debian against CentOS ?
I have installed:
* Debian 9 net install + Squid compiled
* CentOS 7 minimal + Squid compiled
Same
On 30.03.19 10:22, David Touzeau wrote:
Did you have perform squid stress on Debian against CentOS ?
I have installed:
* Debian 9 net install + Squid compiled
* CentOS 7 minimal + Squid compiled
Same version, same compilation parameters, same Squid settings.
It seems that Squid on CentOS
Hi all,
Did you have perform squid stress on Debian against CentOS ?
I have installed:
* Debian 9 net install + Squid compiled
* CentOS 7 minimal + Squid compiled
Same version, same compilation parameters, same Squid settings.
It seems that Squid on CentOS is 10 times faster than squid on
ers] squid 4.x: decided: do not cache but share because
the entry has been released
On 2/23/19 10:17 AM, Amos Jeffries wrote:
> On 24/02/19 5:33 am, David Touzeau wrote:
>> http.cc(982) haveParsedReplyHeaders: decided: do not cache but share
>> because the entry has been released;
Hi
I'm trying to store in cache an Internet file
Run the squid in debug mode says:
http.cc(982) haveParsedReplyHeaders: decided: do not cache but share because
the entry has been released; HTTP status 200
What "but share because the entry has been released" event means ?
] Squid 4.x: cache_peer PROXY_PROTOCOL support with
squid parents
On 23/02/19 2:45 am, David Touzeau wrote:
> Hi,
>
>
>
> We would like to use this infrastructure:
>
>
>
> Squid-cache client authentication 1
>
>
>| > Squid Parent with
an
Tproxy...
But you confirm that this is not relevant...
Best regards,
-Message d'origine-
De : squid-users De la part de Amos
Jeffries
Envoyé : samedi 1 septembre 2018 17:07
À : squid-users@lists.squid-cache.org
Objet : Re: [squid-users] Transparent vs Tproxy: performance ?
On 1/09/18 9:33 PM, David To
Hi
We have 2 ways to make the squid in < transparent mode. >
The standard Transparent method and (with modern kernels) the use of <
Tproxy > method
I would like to know which is the best according to the performance ?
Or is it the same ?
Best regards.
sers] v4.2 url_rewrite Uri.cc line 371 bad URL parsing on
SSL
On 16/08/18 11:58, David Touzeau wrote:
> Hi,
>
>
>
> I have written my own url_rewrite helper
>
>
>
> On SSL sites, the helper answering a redirect to a remote denied php page.
>
No your helper *rew
Hi,
I have written my own url_rewrite helper
On SSL sites, the helper answering a redirect to a remote denied php page.
With HTTP, no issue but on SSL there is a different behavior
My helper return
rewrite-url= https://192.168.1.122:443/myguard.php?rule-id=0
1 - 100 of 165 matches
Mail list logo